lvs-devel
|
|
lvs-devel
|
| To: | Julian Anastasov <ja@xxxxxx> |
|---|---|
| Subject: | Re: [PATCH] ipvs: skip ipvs snat processing when packet dst is not vip |
| Cc: | Duan Jiong <djduanjiong@xxxxxxxxx>, pablo@xxxxxxxxxxxxx, netdev@xxxxxxxxxxxxxxx, lvs-devel@xxxxxxxxxxxxxxx |
| From: | Florian Westphal <fw@xxxxxxxxx> |
| Date: | Tue, 20 May 2025 15:44:37 +0200 |
Julian Anastasov <ja@xxxxxx> wrote: > But the following packet is different from your > initial posting. Why client connects directly to the real server? > Is it allowed to have two conntracks with equal reply tuple > 192.168.99.4:8080 -> 192.168.99.6:15280 and should we support > such kind of setups? I don't even see how it would work, if you allow C1 -> S C2 -> S ... in conntrack and you receive packet from S, does that need to go to C1 or C2? Such duplicate CT entries are free'd (refused) at nf_confirm ( conntrack table insertion) time. |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: [PATCH] ipvs: skip ipvs snat processing when packet dst is not vip, Julian Anastasov |
|---|---|
| Next by Date: | Re: [PATCH] ipvs: skip ipvs snat processing when packet dst is not vip, Duan Jiong |
| Previous by Thread: | Re: [PATCH] ipvs: skip ipvs snat processing when packet dst is not vip, Julian Anastasov |
| Next by Thread: | Re: [PATCH] ipvs: skip ipvs snat processing when packet dst is not vip, Duan Jiong |
| Indexes: | [Date] [Thread] [Top] [All Lists] |