Re: [PATCH] Runtime interception method switch

To: unlisted-recipients: ;(no To-header on input)
Subject: Re: [PATCH] Runtime interception method switch
Cc: LVS Devel <lvs-devel@xxxxxxxxxxxxxxx>
From: Janusz Krzysztofik <jkrzyszt@xxxxxxxxxxxx>
Date: Wed, 16 Jan 2008 12:16:19 +0100
Simon Horman wrote:
On Tue, Jan 15, 2008 at 05:13:14AM -0800, Joseph Mack NA3T wrote:
What side effects might there be? Are they worse than not being able to NAT packets emerging from a director?

I'm not sure, and thats what concerns me.

For starters could we clarify that the patch in question is the
following one by Janusz Krzysztofik?

Also can I clarify that the aim is to be able to SNAT LVS-DR
connections ...


I can confirm what I have already said before: this patch works for me (now for over two years) without any unexpected side effects. The only side effect I can see is that all LVS-DR incoming packets go through conntrack, even if you do not intend to SNAT them. That could present excessive load on ancient hardware, but one can just unload conntrack modules, or turn connection tracking off for specific traffic with PREROUTING raw hook rules. However, I think this patch should be considered, if at all, as a temporary solution.


PS. I am still busy with a different project, but subscribed to lvs-devel.
To unsubscribe from this list: send the line "unsubscribe lvs-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at

<Prev in Thread] Current Thread [Next in Thread>