How does load balancer manage TCP connections
As far as I can see, this is your misconception about networking topics including OSI Layers and communication methods.
To briefly answer your main question, I should say that the way that your LoadBalancer is treating completely depends on your configuration and on how you have defined/wanted it to be treating. But to show you how LoadBalancing really works in Layer 4 and 7 of OSI Model, please read the following information :
First of all, about RST Packets you should note that what you mentioned is totally common because RST is used to reset the connection and can occurs on both sides depending on what could not be completed and when there is no more conversation happening between server and client whilst the connection is not yet ended. Excerpt from an answer in Quora, A RST packet is sent either in the middle of the 3-way handshake when the server rejects the connection or is unavailable OR in the middle of data transfer when either the server or client becomes unavailble or rejects further communication without the formal 4-way TCP connection termination process.
Transmission Control Protocol (TCP) operates at the transport layer (Layer 4 in OSI Model). TCP provides reliable, ordered, and error-checked delivery of a stream of octets and creates virtual connection between applications running on hosts communicating by an IP network. In other words, it provides a communication service at an intermediate level between an application program and the Internet Protocol, and since IP packets can - may - be lost, corrupted, or arrive out of order, TCP has mechanisms for correcting these errors, transforming the stream of IP packets into a reliable communication channel. Each application is assigned a unique TCP port number to enable delivery to the correct application on hosts where many applications are running. For instance, the standard TCP port 22 has been assigned for contacting SSH servers - default ports can be changed in configuration files if needed.
In Layer 4 load balancing load balancer’s IP address is advertised to clients for a web site or service. So as might have been guessed, destination address recorded in clients' requests would be the address of LoadBalancer. When the Layer 4 load balancer receives a request and makes the load balancing decision, it also performs Network Address Translation (NAT) on the request packet, changing the recorded destination IP address from its own to that of the content server it has chosen on the internal network. For instance, in your scenario your LoadBalancer will change its own address to the one which is needed to server the requested service to the client, to be more explicit let's consider one of your three servers behind the LoadBalancer is serving as your storage server and the client is willing to read a PDF or whatever content on your website. Client's destination address is set to the public IP address which is assigned to your LoadBalancer, and when your LoadBalancer receives the request it will decide to which server - in internal network using of its own - it should be map the request depending on rules you have set and configured in your LoadBalancer. Similarly, before forwarding server responses to clients, the load balancer changes the source address recorded in the packet header from the internal server’s IP address - your storage for example - to its own. (The destination and source TCP port numbers recorded in the packets are sometimes also changed in a similar way.) Then it makes their routing decisions based on address information extracted from the first few packets in the TCP stream, and do not inspect packet content.
And to answer "if load balancer is responsible for reseting connections, will I not see RST packets on server side as it is being sent by LB with changed source ip?", I should say you will only see RST packets on other servers if their connection is needed to be reset with LoadBalancer, not client's connection with LoadBalancer.
BTW, I highly recommend you use tcpdump on your internal servers to see if you can receive requests from LoadBalancer or not, so you can see what is going wrong and you will find out how to fix your problems. Don't you bewilder yourself by using WireShark, it is a brilliant tool but you should be familiar enough to understand what it is showing you.
Related videos on Youtube
37 : 33
07 : 27
16 : 39
08 : 23
02 : 55
whd
Updated on September 18, 2022Comments
-
whd over 1 year
I have questions about handling TCP connections by load balancer.
I have three servers behind my load balancer, and sometimes due to some processing tasks it happens that no data is being sent between servers and clients, after 5 minutes of being idle connections will be dropped because server has sent RST flag (Connection reset by peer). I was wondering load balancer could be responsible for that, so I used WireShark to capture TCP packets with RST FLAG, and it captured such packets.
My question is, if load balancer is responsible for resetting the connection, will I not see RST packets on server side as it's been sent by LB with changed source IP? Or maybe I am wrong, and is it still possible to capture it on server side even though LB is sending RST packets?
EDIT 1
I would like to narrow (or maybe enhance) my question. If anything between client and server sends packet with RST, should it be visible on both client and server or only on one of those (client for example)?
EDIT 2
I have captured packets with RST flag on client and server side, and what is weird is that on client side it looks like the LB server has sent it, and on server side it looks like the client has sent it (by source/destination IP)
-
Admin about 7 yearsYou miss the load balancer technology. Microsoft Clustering, a netscaler, load balancer on a router, etc... Your answer will be generic without more information
-