|
Hello,
On Sun, 7 Jul 2002, Jeff wrote:
> Yep, I was able to successfully setup Tun accepting packets via a VIP on
> the director ("original standard" configuration). However, when I attempt
> to use Fwmarks, without the VIP on the Director, the packets don't get
> marked.
Note that the fwmark and non-fwmark based services differ
only in the fields LVS uses to check when creating new connection.
PROTO:VIP:VPORT uses only proto:daddr:dport while for FWMARK we
use the nfmark field. The local delivery mechanism is independent
from this service type. fwmark is nothing more than marking the
packet in prerouting. Nobody knows whether it will be delivered
locally or forwarded, the fwmarking is not a way to tell the
kernel to deliver the packets locally. The local delivery is
possible only when local routes are added (which happens, for
example, if IP is added) or ipchains/netfilter "redirect" is used.
Currently, LVS schedules connections only for locally delivered
packets (LOCAL_IN chain).
> Jeff
Regards
--
Julian Anastasov <ja@xxxxxx>
|
