LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: FWmark & Masq destination port.

To: Horms <horms@xxxxxxxxxxxx>
Subject: Re: FWmark & Masq destination port.
Cc: Clint Byrum <cbyrum@xxxxxxx>, Lvs-Users <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
From: Julian Anastasov <uli@xxxxxxxxxxxxxxxxxxxxxx>
Date: Sun, 21 May 2000 07:14:23 +0300 (EEST)
        Hello,

On Sat, 20 May 2000, Horms wrote:

> >     For VS/NAT we use dport. For all other methods we don't
> > use dport. May be we have to stop inheriting dport from vport
> > in ipvsadm for fwmark services->destinations? For the normal services we
> > have vport!=0 and it can be inherited. Is that correct? May be
> > we can restrict it only for VS/NAT mode? All other methods can
> > use dport=0 when fwmark!=0.
> 
> I'm working on a patch that should use the port from the incoming
> connectin for VS/NAT if fwmark is used.

        Wonderful! ipvsadm.c must not inherit dport for VS/NAT
destination when the service is fwmark based. We can't inherit
the dport from packets. For VS/NAT destinations it is possible
dport!=vport. So, only ipvsadm.c needs to be patched. We have
to disallow specifying VS/NAT destinations with dport=0 for
fwmark based services. We can't inherit any port. We need this
port to be specified from the user.


Regards

--
Julian Anastasov <uli@xxxxxxxxxxxxxxxxxxxxxx>



<Prev in Thread] Current Thread [Next in Thread>