|
I've added the documentation for the input_hook switch, and attached
both patches for net-2.6.25 (i hope the mailer doesn't mess up things
this time :).
Bye,
Raphael
0001-IPVS-Add-choice-for-connection-interception-method.patch
Description: Binary data
0002-IPVS-Runtime-interception-method-switch.patch
Description: Binary data
Am 16.01.2008 um 12:16 schrieb Janusz Krzysztofik:
Simon Horman wrote:
On Tue, Jan 15, 2008 at 05:13:14AM -0800, Joseph Mack NA3T wrote:
What side effects might there be? Are they worse than not being
able to NAT packets emerging from a director?
I'm not sure, and thats what concerns me.
For starters could we clarify that the patch in question is the
following one by Janusz Krzysztofik?
Also can I clarify that the aim is to be able to SNAT LVS-DR
connections ...
Hi,
I can confirm what I have already said before: this patch works for
me (now for over two years) without any unexpected side effects. The
only side effect I can see is that all LVS-DR incoming packets go
through conntrack, even if you do not intend to SNAT them. That
could present excessive load on ancient hardware, but one can just
unload conntrack modules, or turn connection tracking off for
specific traffic with PREROUTING raw hook rules.
However, I think this patch should be considered, if at all, as a
temporary solution.
Thanks,
Janusz
PS. I am still busy with a different project, but subscribed to lvs-
devel.
-
To unsubscribe from this list: send the line "unsubscribe lvs-devel"
in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
--
:: e n d i a n
:: open source - open minds
:: raphael vallazza
:: phone +39 0471 631763 :: fax +39 0471 631764
:: http://www.endian.com :: raphael (AT) endian.com
|
