|
Hi,
On Mon, Mar 31, 2008, Joseph Mack NA3T wrote:
> On Mon, 31 Mar 2008, Julius Volz wrote:
> > Does this have any special implications in the IPv6 case?
>
> possibly, possibly not. I was just warning you so that if
> you came across it, you would recognize it.
Ok!
> > Again, interesting info. Is there a specific relation to
> > IPv6 though?
>
> I assume you'll be testing UDP, and if it behaves strangely,
> you'll want to know which parts to blame us for :-)
I see, thanks! :)
> > Aha, interesting. Could you explain a bit more for a
> > newbie in what ways IPVS "bypasses" netfilter?
>
> LVS controlled packets don't always follow the netfilter
> path. They appear in the output without going through the
> middle. So iptables rules don't always work.
Ah, a kind colleague just forwarded me this URL:
http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.filter_rules.html#path_of_an_ip_vs_packet
So that fits to what I thought before. Basically, FORWARD is skipped
over and the "forwarding" is done manually in IPVS (by sending a new
packet, changed according to the specific load balancing mechanism? In
ip_vs_xmit.c, in one of the transmitter functions).
Julius
--
Google Switzerland GmbH
--
To unsubscribe from this list: send the line "unsubscribe lvs-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
|
