Re: Netfilter connection tracking support for IPVS

To: " users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: Netfilter connection tracking support for IPVS
Cc: 'Julian Anastasov' <ja@xxxxxx>
Cc: kaber@xxxxxxxxx
From: Roberto Nibali <ratz@xxxxxxxxxxxx>
Date: Fri, 23 Feb 2007 09:26:32 +0100

Added Patrick McHardy to the list of recipients (hoping he does not mind too much), as he's the current netfilter maintainer from what I understand.

Yep, thats the new ****, Dependent connection tracking vs Independent connection tracking (new). When I synced patches to 2.6.20 I left this patch in old state. It looks like the new way is to clone everything from IP_NF to NF and I didn't wanted to create new ip_vs_nfct.c file for the NF case. Is the old Dependent connection tracking obsoleted?

        Can you live with Dependent connection tracking?

Unfortunately I didn't not follow netfilter development too closely the last 10 months, but I vaguely remember that they've rewritten large portions of the NAT code.

I'm not sure I know the difference between the two. I'm all ears if you
wanna get down to it.

What does it take to fix the patch to handle the new way
(CONFIG_NF_CONNTRACK_SUPPORT) instead of the old way

@Patrick: We've been discussing the forward port of the following patch:

which adds support for the connection tracking with IPVS. Up to kernel 2.6.19 it worked without major surgery from old incarnations of the patch but since 2.6.20, there has been some rewrite regarding the NAT part of netfilter. Would you be willing to give us a few pointers regarding this? Is it only a matter of proper Kconfig handling and header inclusions or is more needed?

Best regards and thanks in advance for your time,
Roberto Nibali, ratz

ps.: The lvs-users ml is probably subscribers-only, so don't hesitate to drop this email address and send the reply privately to us.
echo '[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq' | dc

<Prev in Thread] Current Thread [Next in Thread>