Layer 4 (LVS)
LB Layer4 reference
Use the LB Layer4 tab to specify director
definitions for the Linux Virtual Server (LVS) service. The layer 4 load balancer is the IPVS component of the Linux Virtual Server (LVS) project.
Info
You cannot bind an LVS load balancer to a range of IP addresses or ports. For this capability, create a flow using the Flows tab and use the director
flow policy to direct traffic from the desired addresses and ports to the LVS load balancer.
Configuration file syntax Jump to heading
The file consists of a list of director
sections.
text
director <name> [ <ip>[:<port>] [TCP|UDP] ]balance { roundrobin | leastconn [localitybased [replication]] | source |srcdst | dest | shortestexpected | neverqueue }mode { gateway | nat | tunnel }check { [timeout <seconds>] [interval <seconds>] [source <ip>] [port <port>] }option { persistence [timeout <seconds>] [netmask <netmask>] |httpcheck [uri <uri>] [statuscode <int>] [vhost <string>] |tcpcheck | arpcheck [iface <name>] | icmpcheck }server <name> <ip>[:<port>] [weight <int>] [check] [sorry][server]...
text
director <name> [ <ip>[:<port>] [TCP|UDP] ]balance { roundrobin | leastconn [localitybased [replication]] | source |srcdst | dest | shortestexpected | neverqueue }mode { gateway | nat | tunnel }check { [timeout <seconds>] [interval <seconds>] [source <ip>] [port <port>] }option { persistence [timeout <seconds>] [netmask <netmask>] |httpcheck [uri <uri>] [statuscode <int>] [vhost <string>] |tcpcheck | arpcheck [iface <name>] | icmpcheck }server <name> <ip>[:<port>] [weight <int>] [check] [sorry][server]...
The terms are as follows.
director Jump to heading
-
director
Specifies a unique identifier for the director, the IP and port for incoming traffic, and the protocol.
balance Jump to heading
-
balance
Load balancing algorithm, one of:
Algorithm Description dest
Assigns jobs to servers through looking up a statically assigned hash table by their destination IP addresses. weightedfailover
Available since version 16.0. Weighted failover. Assigns jobs based solely on highest weight value and server availability. leastconn
Assigns more jobs to servers with fewer jobs and relative to the real servers’ weight (Ci/Wi). This is the default. leastconn localitybased
Assigns jobs destined for the same IP address to the same server if the server is available and not overloaded. Otherwise, assign jobs to servers with fewer jobs, and keep it for future assignment. leastconn localitybased replication
Assigns jobs destined for the same IP address to the least-connection node in the server set for the IP address. If all nodes in the server set are overloaded, it picks up a node with fewer jobs in the cluster and adds it in the sever set for the target. If the server set has not been modified for the specified time, the most heavily loaded node is removed from the server set, in order to avoid excessive replication. maglevhash
Available since version 16.0. Maglev hashing. Assigns jobs using consistent hashing but with minimal disruption. Each destination receives an almost equal number of connections. neverqueue
Assigns an incoming job to an idle server if one exists, instead of waiting for a fast one. If all servers are busy, it adopts the Shortest Expected Delay policy to assign the job. weightedoverflow
Available since version 16.0. Overflow connections. Assigns jobs according to a number of active connections. It maintains all connections to the node with the highest weight and overflows to the next node if the number of connections exceeds the node’s weight. Note that this scheduler might not be suitable for UDP because it only uses active connections. roundrobin
Distributes jobs equally among the available servers. Jobs are assigned to servers in proportion their weight. Servers with higher weights receive new jobs first and get more jobs than servers with lower weights. Servers with equal weights get an equal distribution of new jobs. shortexpdelay
Assigns an incoming job to the server with the shortest expected delay. The expected delay that the job will experience is (Ci + 1) / Ui if sent to the ith server, in which Ci is the number of jobs on the the ith server and Ui is the fixed service rate (weight) of the ith server. source
Assigns jobs to servers through looking up a statically assigned hash table by their source IP addresses. srcdst
Assigns jobs to servers through looking up a statically assigned hash table by their source and destination IP addresses. twoschoice
Available since version 16.0. Weighted random twos choice. Assigns jobs by selecting two random servers based on weights and then selecting the server with the fewest connections normalized by weight.
mode Jump to heading
-
mode
One of:
Mode Description gateway
Use direct routing. nat
Use destination masquerading (network access translation, or NAT). tunnel
Use ipip encapsulation (tunneling).
check Jump to heading
-
check
Specify global check parameters. If no advanced check mode is defined using these options, icmp checks are performed. Any of:
Option Description timeout <seconds>
Duration in seconds. If no connection established, check failed. The default is half of check interval. interval <seconds>
Interval between checks in seconds. The default is 10 seconds. source <ip>
Force source IP to use. port <port>
Force port destination. (Only on tcpcheck and httpcheck. By default and if it exists, the real-server port is used). rise <count>
A server will be considered as operational after consecutive successful health checks. The default is 1. fall <count>
A server will be considered as dead after consecutive unsuccessful health checks. The default is 1. inhibit
If a server is down, its weight is passed to 0 but not deleted. Established connection are not broken but new connections are dispatched on the other servers.
option persistence Jump to heading
-
option persistence
Specify that a virtual service is persistent. If this option is specified, multiple requests from a client are redirected to the same real server selected for the first request. This option may be used in conjunction with protocols such as SSL or FTP where it is important that clients consistently connect with the same real server. Any of:
Option Description timeout <seconds>
The timeout of persistent sessions may be specified, given in seconds. netmask <netmask>
Specify the granularity with which clients are grouped for persistent virtual services, as a net mask. The source address of the request is masked with this netmask to direct all clients from a network to the same real server. The default is 255.255.255.255, that is, the persistence granularity is per client host. Less specific netmasks may be used to resolve problems with non-persistent cache clusters on the client side.
option httpcheck Jump to heading
-
option httpcheck
Testing method. Checks performing an HTTP GET request on real server IP. Any of:
Option Description uri <uri>
Requested uri. (default is root /
).statuscode <int>
Expected status code. (default is 200). vhost <string>
String to set in Host header field.
option tcpcheck Jump to heading
-
option tcpcheck
Testing method. Checks opening a TCP connection on real server IP.
option arpcheck Jump to heading
-
option arpcheck
Testing method. Checks sending an arp-whoas to real server IP. Any of:
Option Description iface <name>
Network interface name.
option icmpcheck Jump to heading
-
option icmpcheck
Testing method. Checks sending an icmp echo request to real server ip.
option onepacket Jump to heading
-
option onepacket
One-packet scheduling. This option can be used only for UDP. This option is useful for scheduling UDP packets from same client port to different real servers.
server Jump to heading
-
server
Specify parameters for backend servers.
Parameter Description name
Unique identifier for the server. IP[:port]
IP address and optional port of server. If port is omitted, it defaults to destination port specified in incoming packet. weight <int>
Optional. Numeric weight of the server. check
Optional. Activate checks on the server. Check options are same as for director
, above.sorry
Optional. Classify this server as a sorry
server. It is used if all other servers are unavailable.
Important
To save a new LVS load balancer or changes to an existing load balancer, save the HAProxy ALOHA configuration. Click on the Setup tab. In the Configuration section, click Save.
LVS manager invocation options Jump to heading
Invocation options for the lvs
service are configured on the Services tab.
Do you have any suggestions on how we can improve the content of this page?