|
Ben North wrote:
Hi Ben,
Good to know that the e-mail address we have for you works.
> > > Generally speaking you can have neftfilter rules in place. [...]
> > > isn't the main problem that you can't use connection tracking
> > > because LVS does its own. Isn't this the problem that the antefacto
> > > patches address?
> >
> > haven't dealt with it myself. I thought iptables filter rules
> > could collide with ip_vs rules under certain circumstances.
> > Julian seems to understand the problem.
> >
> > Ben, Vinnie, Julian, what's the problem here?
>
> I think things may have changed quite a lot since I looked at all this,
> but there was a time when I thought I understood what was going on :-)
> I wrote down how I thought things worked in a README, which was archived
> at
>
> http://www.in-addr.de/pipermail/lvs-users/2002-January/004587.html
>
> The 'explanation' section might be useful.
>
> I haven't been following the list, so don't know what this particular
> thread is about, but we didn't ever try using the Director as a
> Realserver itself.
The thread started as being about using the realserver as a director,
but has moved to talk of a bit of a rewrite to handle using fwmarks a bit more
easily.
Since the rewrite involves the interaction of ip_vs with netfilter chains, I
asked
if the problems that the antefacto patches address (which I believe is
that iptables filter rules collide with ip_vs rules, but it seems I could
be wrong), can be handled at the same time.
> There may well be problems there, but perhaps with
> the README and a version of the Antefacto patch with the debugging
> defines turned on, somebody might be able to uncover what's going on? I
> don't really have access to a suitable development environment, but if
> you think I might be able to remember anything, feel free to ask :-)
>
> Good luck with it; I'm only replying to you, but if you think it'd be
> helpful, forward this on to the list.
done
Joe
--
Joseph Mack PhD, High Performance Computing & Scientific Visualization
SAIC, Supporting the EPA Research Triangle Park, NC 919-541-0007
Federal Contact - John B. Smith 919-541-1087 - smith.johnb@xxxxxxx
|
