On Thu, 10 Feb 2005, Joseph Mack wrote:
> necessity is the mother of invention :-)

Indeed; necessity is also the mother of all confusion-based headaches!

Rolling back beyond the original "my network is broken" issue to the
"realserver as client" issue, I have a question which is probably best
answered by Joe or Horms:

A packet arrives from RS1 to the DIP "internal" (private network) interface,
destined for the VIP.

We match it in the "mangle" table and assign an fwmark of 0x99.

The packet then goes into the LVS, magic happens, and the packet then falls
out of the other side destined for another RS (say in this case RS2); I see
that the fwmark does _not_ make it through with this packet. Ideally (as I'm
not using fwmark-based LVS yet here) I'd like to be able to "--match --mark
0x99" in the POSTROUTING table and then use SNAT to change the source...

...but because the fwmark gets lost, I can't. Dumb question: will the LVS code
pass fwmarks through under any circumstances at all?

Graeme