|
Hi,
I have a question on behalf of a client.
When a connection is recieved by an IPVS server and forwarded
(by whatever means) to a back-end server at what stage is
this connection entered into the IPVS table. It is before or
as the packet is sent to the back-end server or delayed
until after the 3 way handshake is complete.
It has been alleged that IBMs Net Director waits until
the completion of the three way handshake to avoid the
table being filled up in the case of a SYN flood. To
my mind the existing SYN flood protection in Linux should
protect the IPVS table in any case and the connection
needs to be in the IPVS table to enable the 3 way handshake
to be completed.
A second, related question is if a packet is forwarded to
a server, and this server has failed and is sunsequently
removed from the available pool using something like
ldirectord. Is there a window where the packet
can be retransmitted to a second server. This would
only really work if the packet was a new connection.
--
Horms -> On a random on site mission.
----------------------------------------------------------------------
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
To unsubscribe, e-mail: lvs-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxx
For additional commands, e-mail: lvs-users-help@xxxxxxxxxxxxxxxxxxxxxx
|
