LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

RE: FW: LVS-Tun and Fwmarks

To: "Julian Anastasov" <ja@xxxxxx>
Subject: RE: FW: LVS-Tun and Fwmarks
Cc: "mack@xxxxxxxxxxxx" <mack@xxxxxxxxxxxxxxxxxxxx>, <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
From: "Jeff" <golfer2@xxxxxxxxxxxxxx>
Date: Sun, 7 Jul 2002 10:21:05 -0400
Can you provide me with the proper syntax to setup the local route using
"ip"?  (For comparison purposes, it would be interesting to see the
"iptables" command too.)

Setting up this local route seems to be where I'm going wrong.

-----Original Message-----
From: Julian Anastasov [mailto:ja@xxxxxx]
Sent: Sunday, July 07, 2002 1:13 PM
To: Jeff
Cc: mack@xxxxxxxxxxxx; lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: RE: FW: LVS-Tun and Fwmarks



        Hello,

On Sun, 7 Jul 2002, Jeff wrote:

>       Yep, I was able to successfully setup Tun accepting packets via a VIP on
> the director ("original standard" configuration).  However, when I attempt
> to use Fwmarks, without the VIP on the Director, the packets don't get
> marked.

        Note that the fwmark and non-fwmark based services differ
only in the fields LVS uses to check when creating new connection.
PROTO:VIP:VPORT uses only proto:daddr:dport while for FWMARK we
use the nfmark field. The local delivery mechanism is independent
from this service type. fwmark is nothing more than marking the
packet in prerouting. Nobody knows whether it will be delivered
locally or forwarded, the fwmarking is not a way to tell the
kernel to deliver the packets locally. The local delivery is
possible only when local routes are added (which happens, for
example, if IP is added) or ipchains/netfilter "redirect" is used.
Currently, LVS schedules connections only for locally delivered
packets (LOCAL_IN chain).

> Jeff

Regards

--
Julian Anastasov <ja@xxxxxx>




<Prev in Thread] Current Thread [Next in Thread>