Mail Archive Search: <+subject:/^(?:^\s*(re|sv|fwd|fw)[\[\]\d]*[:>-]+\s*)*Inability\s+to\s+IPVS\s+DR\s+with\s+nft\s+dnat\s+since\s+9971a514ed26\s*$/>

Results:

References: [ +subject:/^(?:^\s*(re|sv|fwd|fw)[\[\]\d]*[:>-]+\s*)*Inability\s+to\s+IPVS\s+DR\s+with\s+nft\s+dnat\s+since\s+9971a514ed26\s*$/: 6 ]

Total 6 documents matching your query.

1. Re: Inability to IPVS DR with nft dnat since 9971a514ed26 (score: 1): Author: Julian Anastasov <ja@xxxxxx>; Date: Fri, 3 Dec 2021 23:48:51 +0200 (EET); Hello, Yes, this call is supposed to route locally generated packets after daddr is translated by Netfilter. But IPVS uses LOCAL_OUT hook to post packets to real servers. If you use DR method, daddr; /html/lvs-devel/2021-12/msg00003.html (15,060 bytes)
2. Re: Inability to IPVS DR with nft dnat since 9971a514ed26 (score: 1): Author: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>; Date: Fri, 3 Dec 2021 10:40:21 +0100; Hi, This priority number does not look correct, this should be -100 which is NF_IP_PRI_NAT_DST (in recent nftables versions you can use: ... priority dstnat; Why do you need DNAT in this case? In the; /html/lvs-devel/2021-12/msg00002.html (16,054 bytes)
3. Re: Inability to IPVS DR with nft dnat since 9971a514ed26 (score: 1): Author: Simon Kirby <sim@xxxxxxxxxx>; Date: Fri, 3 Dec 2021 00:34:52 -0800; I had some time to set up some test VMs for this, which I can post if you'd like (several GB), or I can tarball up the configs. Our setup still doesn't work in 5.15, and we have some LVS servers held; /html/lvs-devel/2021-12/msg00001.html (13,803 bytes)
4. Re: Inability to IPVS DR with nft dnat since 9971a514ed26 (score: 1): Author: Simon Kirby <sim@xxxxxxxxxx>; Date: Wed, 27 Mar 2019 08:34:23 -0700; $ext_ip is something reachable from the "outside"; it just has to be something which can get to the nft box that isn't the real server or the same host. We have a public IP in this case. $vip is some; /html/lvs-devel/2019-03/msg00033.html (11,160 bytes)
5. Re: Inability to IPVS DR with nft dnat since 9971a514ed26 (score: 1): Author: Florian Westphal <fw@xxxxxxxxx>; Date: Wed, 27 Mar 2019 10:30:27 +0100; I have a hard time figuring out how to expand $ext_ip, $vip and $real_ip, and where to place those addresses on the nft machine.; /html/lvs-devel/2019-03/msg00032.html (9,928 bytes)
6. Inability to IPVS DR with nft dnat since 9971a514ed26 (score: 1): Author: Simon Kirby <sim@xxxxxxxxxx>; Date: Tue, 26 Mar 2019 23:26:50 -0700; Hello! We have been successfully using nft dnat and IPVS in DR mode on 4.9, 4.14 kernels, but since upgrading to 4.19, such rules now appear to miss the IPVS input hook and instead appear to hit loca; /html/lvs-devel/2019-03/msg00031.html (9,927 bytes)

Current List: 1 - 6
Page: [1]