kernel-packages team mailing list archive

Thread
Date
[Bug 1453180] Re: Passive FTP is not handled properly by the ip_vs_ftp module

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: Shawn Heisey <ubuntu@xxxxxxxxxxxx>
Date: Fri, 08 May 2015 19:16:08 -0000
Reply-to: Bug 1453180 <1453180@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
I grabbed a packet capture on the FTP client of the attempted FTP
through LVS.  When the client sends the PASV command, it never gets a
response.

Repeating the packet capture on the machine doing LVS (and capturing
both interfaces), I got more info.  The FTP server sends the reponse to
the PASV command, which the ip_vs_ftp module should mangle (changing to
the public IP) and forward to the client ... but it never does.  Instead
thousands of duplicate ACKs begin traversing the network.  I will attach
a screenshot of the capture in wireshark.  The IP addresses are
different than my ldirectord config above ... I had to set up a
temporary FTP server and run a different virtual address, because the
other FTP servers are using the old machine as their default gateway.


** Attachment added: "Screenshot of wireshark showing packet capture on LVS system"
   https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1453180/+attachment/4393765/+files/wireshark-on-lb.png

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1453180

Title:
  Passive FTP is not handled properly by the ip_vs_ftp module

Status in linux package in Ubuntu:
  Confirmed

Bug description:
  I have a setup on CentOS 5 (kernel 2.6.18-128.1.6.el5.centos.plus,
  ipvsadm v1.24, ldirectord v1.186-ha-2.1.3) that handles this
  perfectly.  I'm migrating because the software on that system is very
  old.

  After migrating the config to Ubuntu 14, fully updated with aptitude,
  only active FTP works.  The kernel is 3.13.0-52-generic, ipvsadm is
  v1.26, and ldirectord is v1.186-ha -- all are installed from Ubuntu
  packages.

  root@lb1:~# lsb_release -rd
  Description:    Ubuntu 14.04.2 LTS
  Release:        14.04
  root@lb1:~# uname -a
  Linux lb1 3.13.0-52-generic #86-Ubuntu SMP Mon May 4 04:32:59 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux

  Passive FTP, which should be handled by the ip_vs_ftp module, doesn't
  work properly.  The control channel works, but data connections don't
  establish.  The ip_vs_ftp module is loaded from /etc/rc.local and the
  system has been rebooted a number of times.  The ldirectord process is
  not started by upstart, it is started by pacemaker.

  The LVS load balancer is being configured by ldirectord.  This is the
  ldirectord config:

  checktimeout=5
  checkinterval=10
  negotiatetimeout=20
  autoreload=yes
  logfile="/var/log/ldirectord.log"
  quiescent=no

  virtual=XX.XXX.XXX.71:21
          fallback=127.0.0.1:21
          real=10.100.2.61:21 masq 65535
          real=10.100.2.60:21 masq 1
          service=ftp
          request="monitortest.txt"
          receive="good"
          login="lbtest"
          passwd="PASSWD"
          scheduler=wrr
          protocol=tcp
          checktype=negotiate

  On both CentOS 5 and Ubuntu 14, the machine has actual public IP
  addresses on it, and that virtual address is a public IP.  The
  firewall is disabled.

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: linux-image-3.13.0-52-generic 3.13.0-52.86
  ProcVersionSignature: Ubuntu 3.13.0-52.86-generic 3.13.11-ckt18
  Uname: Linux 3.13.0-52-generic x86_64
  AlsaDevices:
   total 0
   crw-rw---- 1 root audio 116,  1 May  7 22:02 seq
   crw-rw---- 1 root audio 116, 33 May  7 22:02 timer
  AplayDevices: Error: [Errno 2] No such file or directory: 'aplay'
  ApportVersion: 2.14.1-0ubuntu3.10
  Architecture: amd64
  ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord'
  AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1:
  CRDA: Error: [Errno 2] No such file or directory: 'iw'
  Date: Fri May  8 09:15:14 2015
  HibernationDevice: RESUME=UUID=cbeacb5e-cd21-4b18-a72f-7d6ebaec9c40
  IwConfig:
   lo        no wireless extensions.
   
   em2       no wireless extensions.
   
   em1       no wireless extensions.
  MachineType: Dell Inc. PowerEdge R320
  PciMultimedia:
   
  ProcEnviron:
   TERM=xterm
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=<set>
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  ProcFB: 0 VESA VGA
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.13.0-52-generic root=UUID=58c5cea9-08d7-41d7-8950-cd1c5ff86cde ro splash quiet vt.handoff=7
  RelatedPackageVersions:
   linux-restricted-modules-3.13.0-52-generic N/A
   linux-backports-modules-3.13.0-52-generic  N/A
   linux-firmware                             1.127.11
  RfKill: Error: [Errno 2] No such file or directory: 'rfkill'
  SourcePackage: linux
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 07/10/2014
  dmi.bios.vendor: Dell Inc.
  dmi.bios.version: 2.3.3
  dmi.board.name: 0KM5PX
  dmi.board.vendor: Dell Inc.
  dmi.board.version: A02
  dmi.chassis.type: 23
  dmi.chassis.vendor: Dell Inc.
  dmi.modalias: dmi:bvnDellInc.:bvr2.3.3:bd07/10/2014:svnDellInc.:pnPowerEdgeR320:pvr:rvnDellInc.:rn0KM5PX:rvrA02:cvnDellInc.:ct23:cvr:
  dmi.product.name: PowerEdge R320
  dmi.sys.vendor: Dell Inc.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1453180/+subscriptions
References

[Bug 1453180] [NEW] Passive FTP is not handled properly by the ip_vs_ftp module
From: Shawn Heisey, 2015-05-08