生活随笔
收集整理的這篇文章主要介紹了
keepalived脑裂问题查找
小編覺得挺不錯的,現在分享給大家,幫大家做個參考.
在自己環境做keepalived+redis實驗時,當重啟了備用redies機器后,發現兩臺redies主機都拿到了VIP
?
[plain]?view plain
?copy [root@redis2?~]#?ip?addr?list??1:?lo:?<LOOPBACK,UP,LOWER_UP>?mtu?65536?qdisc?noqueue?state?UNKNOWN???????link/loopback?00:00:00:00:00:00?brd?00:00:00:00:00:00??????inet?127.0.0.1/8?scope?host?lo??????inet6?::1/128?scope?host??????????valid_lft?forever?preferred_lft?forever??2:?eth0:?<BROADCAST,MULTICAST,UP,LOWER_UP>?mtu?1500?qdisc?pfifo_fast?state?UP?qlen?1000??????link/ether?52:54:00:72:6a:7c?brd?ff:ff:ff:ff:ff:ff??????inet?192.168.122.54/24?brd?192.168.122.255?scope?global?eth0??????inet?192.168.122.50/32?scope?global?eth0??????inet6?fe80::5054:ff:fe72:6a7c/64?scope?link??????????valid_lft?forever?preferred_lft?forever?? ?
[plain]?view plain
?copy [root@localhost?~]#?ip?addr?list??1:?lo:?<LOOPBACK,UP,LOWER_UP>?mtu?65536?qdisc?noqueue?state?UNKNOWN???????link/loopback?00:00:00:00:00:00?brd?00:00:00:00:00:00??????inet?127.0.0.1/8?scope?host?lo??????inet6?::1/128?scope?host??????????valid_lft?forever?preferred_lft?forever??2:?eth0:?<BROADCAST,MULTICAST,UP,LOWER_UP>?mtu?1500?qdisc?pfifo_fast?state?UP?qlen?1000??????link/ether?52:54:00:85:7b:a9?brd?ff:ff:ff:ff:ff:ff??????inet?192.168.122.96/24?brd?192.168.122.255?scope?global?eth0??????inet?192.168.122.50/32?scope?global?eth0??????inet6?fe80::5054:ff:fe85:7ba9/64?scope?link??????????valid_lft?forever?preferred_lft?forever??
也就是出現了keepalived的腦裂現象,檢查了兩臺主機的網絡連通狀態,發現網絡是好的。然后在備機上抓包
?
[html]?view plain
?copy [root@localhost?~]#??tcpdump?-i?eth0|grep?VRRP??tcpdump:?verbose?output?suppressed,?use?-v?or?-vv?for?full?protocol?decode??listening?on?eth0,?link-type?EN10MB?(Ethernet),?capture?size?65535?bytes??15:51:17.146322?IP?192.168.122.54?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?160,?authtype?simple,?intvl?1s,?length?20??15:51:17.146577?IP?192.168.122.96?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?50,?authtype?simple,?intvl?1s,?length?20??15:51:17.146972?IP?192.168.122.54?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?160,?authtype?simple,?intvl?1s,?length?20??15:51:18.147136?IP?192.168.122.96?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?50,?authtype?simple,?intvl?1s,?length?20??15:51:18.147576?IP?192.168.122.54?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?160,?authtype?simple,?intvl?1s,?length?20??15:51:25.151399?IP?192.168.122.96?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?50,?authtype?simple,?intvl?1s,?length?20??15:51:25.151942?IP?192.168.122.54?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?160,?authtype?simple,?intvl?1s,?length?20??15:51:26.151703?IP?192.168.122.96?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?50,?authtype?simple,?intvl?1s,?length?20??15:51:26.152623?IP?192.168.122.54?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?160,?authtype?simple,?intvl?1s,?length?20??15:51:27.152456?IP?192.168.122.96?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?50,?authtype?simple,?intvl?1s,?length?20??15:51:27.153261?IP?192.168.122.54?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?160,?authtype?simple,?intvl?1s,?length?20??15:51:28.152955?IP?192.168.122.96?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?50,?authtype?simple,?intvl?1s,?length?20??15:51:28.153461?IP?192.168.122.54?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?160,?authtype?simple,?intvl?1s,?length?20??15:51:29.153766?IP?192.168.122.96?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?50,?authtype?simple,?intvl?1s,?length?20??15:51:29.155652?IP?192.168.122.54?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?160,?authtype?simple,?intvl?1s,?length?20??15:51:30.154275?IP?192.168.122.96?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?50,?authtype?simple,?intvl?1s,?length?20??15:51:30.154587?IP?192.168.122.54?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?160,?authtype?simple,?intvl?1s,?length?20??15:51:31.155042?IP?192.168.122.96?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?50,?authtype?simple,?intvl?1s,?length?20??15:51:31.155428?IP?192.168.122.54?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?160,?authtype?simple,?intvl?1s,?length?20??15:51:32.155539?IP?192.168.122.96?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?50,?authtype?simple,?intvl?1s,?length?20??15:51:32.155986?IP?192.168.122.54?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?160,?authtype?simple,?intvl?1s,?length?20??15:51:33.156357?IP?192.168.122.96?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?50,?authtype?simple,?intvl?1s,?length?20??15:51:33.156979?IP?192.168.122.54?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?160,?authtype?simple,?intvl?1s,?length?20??15:51:34.156801?IP?192.168.122.96?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?50,?authtype?simple,?intvl?1s,?length?20??15:51:34.156989?IP?192.168.122.54?>?vrrp.mcast.net:?VRRPv2,?Advertisement,?vrid?51,?prio?160,?authtype?simple,?intvl?1s,?length?20?? ?
備機能接收到master發過來的VRRP廣播,那為什么還會有腦裂現象?發現重啟后iptables還開著,檢查了防火墻配置
?
[plain]?view plain
?copy root@localhost?~]#?iptables?-S??-P?INPUT?ACCEPT??-P?FORWARD?ACCEPT??-P?OUTPUT?ACCEPT??-A?INPUT?-m?state?--state?RELATED,ESTABLISHED?-j?ACCEPT???-A?INPUT?-p?icmp?-j?ACCEPT???-A?INPUT?-i?lo?-j?ACCEPT???-A?INPUT?-p?tcp?-m?state?--state?NEW?-m?tcp?--dport?22?-j?ACCEPT???-A?INPUT?-j?REJECT?--reject-with?icmp-host-prohibited???-A?FORWARD?-j?REJECT?--reject-with?icmp-host-prohibited???
發現系統不接收VRRP協議,于是修改iptables
?
[plain]?view plain
?copy [root@localhost?~]#?iptables?-I?INPUT?4?-p?vrrp?-j?ACCEPT?? [plain]?view plain
?copy [root@localhost?~]#?iptables?-S??-P?INPUT?ACCEPT??-P?FORWARD?ACCEPT??-P?OUTPUT?ACCEPT??-A?INPUT?-m?state?--state?RELATED,ESTABLISHED?-j?ACCEPT???-A?INPUT?-p?icmp?-j?ACCEPT???-A?INPUT?-i?lo?-j?ACCEPT???-A?INPUT?-p?vrrp?-j?ACCEPT???-A?INPUT?-p?tcp?-m?state?--state?NEW?-m?tcp?--dport?22?-j?ACCEPT???-A?INPUT?-j?REJECT?--reject-with?icmp-host-prohibited???-A?FORWARD?-j?REJECT?--reject-with?icmp-host-prohibited??? [plain]?view plain
?copy [root@localhost?~]#?ip?addr?list??1:?lo:?<LOOPBACK,UP,LOWER_UP>?mtu?65536?qdisc?noqueue?state?UNKNOWN???????link/loopback?00:00:00:00:00:00?brd?00:00:00:00:00:00??????inet?127.0.0.1/8?scope?host?lo??????inet6?::1/128?scope?host??????????valid_lft?forever?preferred_lft?forever??2:?eth0:?<BROADCAST,MULTICAST,UP,LOWER_UP>?mtu?1500?qdisc?pfifo_fast?state?UP?qlen?1000??????link/ether?52:54:00:85:7b:a9?brd?ff:ff:ff:ff:ff:ff??????inet?192.168.122.96/24?brd?192.168.122.255?scope?global?eth0??????inet6?fe80::5054:ff:fe85:7ba9/64?scope?link??????????valid_lft?forever?preferred_lft?forever?? 發現VIP沒了。雖然問題解決了,但為什么備機明明能抓到master發來的VRRP廣播包,但卻無法改變自身狀態呢?只能說明網卡接收到數據包是在iptables處理數據包之前發生的事情。
總結
以上是生活随笔為你收集整理的keepalived脑裂问题查找的全部內容,希望文章能夠幫你解決所遇到的問題。
如果覺得生活随笔網站內容還不錯,歡迎將生活随笔推薦給好友。
