At Facebook we use ipip forwarding to deliver packets from our layer 4 ipvs
load balancers to our layer 7 proxies. Today these layer 7 proxies are all
dual stacked, so we can simply send v4 over v4 and v6 over v6. In the
future, we're going to have v6-only layer 7 load balancers (no internal v4
address). To deal with this, we'll forward v4 packets in v6 tunnels. This
patchset introduces the necessary functionality into ipvs.
The noteworthy limitation of this is that it is not compatible with state
synchronization, so great care is taken to keep these things mutually
exclusive.
This patchset includes changes that add an additional netlink attribute to
destinations and changes that plumb the destination address family through
parts of the code where it was assumed that it was the same as the service.
Finally, there's a change that updates the transmit functions for tunneling
to share common code and support v4 in v6 and vice versa.
Alex Gartrell (7):
ipvs: Add destination address family to netlink interface
ipvs: Supply destination addr family to ip_vs_{lookup_dest,find_dest}
ipvs: Pass destination address family to ip_vs_trash_get_dest
ipvs: Supply destination address family to ip_vs_conn_new
ipvs: maintain a mixed_address_family_dest count
ipvs: prevent mixing heterogeneous pools and synchronization
ipvs: support ipv4 in ipv6 and ipv6 in ipv4 tunnel forwarding
include/net/ip_vs.h | 14 ++++-
include/uapi/linux/ip_vs.h | 3 +
net/netfilter/ipvs/ip_vs_conn.c | 23 +++++--
net/netfilter/ipvs/ip_vs_core.c | 9 +--
net/netfilter/ipvs/ip_vs_ctl.c | 109 +++++++++++++++++++++++++-------
net/netfilter/ipvs/ip_vs_sync.c | 14 +++--
net/netfilter/ipvs/ip_vs_xmit.c | 135 ++++++++++++++++++++++++++--------------
7 files changed, 222 insertions(+), 85 deletions(-)
--
1.8.1
--
To unsubscribe from this list: send the line "unsubscribe lvs-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
|