|
Simon Horman wrote:
On Tue, Jan 15, 2008 at 05:13:14AM -0800, Joseph Mack NA3T wrote:
What side effects might there be? Are they worse than not being able to
NAT packets emerging from a director?
I'm not sure, and thats what concerns me.
For starters could we clarify that the patch in question is the
following one by Janusz Krzysztofik?
Also can I clarify that the aim is to be able to SNAT LVS-DR
connections ...
Hi,
I can confirm what I have already said before: this patch works for me
(now for over two years) without any unexpected side effects. The only
side effect I can see is that all LVS-DR incoming packets go through
conntrack, even if you do not intend to SNAT them. That could present
excessive load on ancient hardware, but one can just unload conntrack
modules, or turn connection tracking off for specific traffic with
PREROUTING raw hook rules.
However, I think this patch should be considered, if at all, as a
temporary solution.
Thanks,
Janusz
PS. I am still busy with a different project, but subscribed to lvs-devel.
-
To unsubscribe from this list: send the line "unsubscribe lvs-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
|
