|
On Sun, May 21, 2000 at 06:49:29AM +0300, Julian Anastasov wrote:
>
> Hello,
>
> On Sat, 20 May 2000, Horms wrote:
>
> > On Sat, May 20, 2000 at 12:27:01PM -0700, Clint Byrum wrote:
> > > I've just been messing with 0.9.12(kernel 2.2.15), and the new FWmark
> > > virtual service mode.
> > > It works great, but I'd like to know of a way to have the destination port
> > > remain unchanged.
> > > What I mean is this.
> > >
> > > Virtualhost needs to serve several ports. The load balancer marks all
> > > packets to it with
> > > fwmark 1. There are then two real servers that do the actual serving.
> > >
> > >
> > > ipchains -A input -d virtualhost -m 1
> > > ipvsadm -A -f 1 -s rr
> > > ipvsadm -a -f 1 -r real1 -m
> > > ipvsadm -a -f 1 -r real2 -m
> > >
> > > Unfortunately, this causes packets to be delievered to the real servers
> > > with
> > > destination
> > > ports of 0. It would seem more logical to leave the destination port
> > > unchanged, if it is
> > > not specified.
> >
> > My testing indicates that when fwmark services are used the
> > port (0 or otherwise) specified for the real server is ignored and
> > the destination port is left unchanged. I will update the output
> > and documentation of ipvsadm to reflect this more accurately.
>
> For VS/NAT we use dport. For all other methods we don't
> use dport. May be we have to stop inheriting dport from vport
> in ipvsadm for fwmark services->destinations? For the normal services we
> have vport!=0 and it can be inherited. Is that correct? May be
> we can restrict it only for VS/NAT mode? All other methods can
> use dport=0 when fwmark!=0.
I'm working on a patch that should use the port from the incoming
connectin for VS/NAT if fwmark is used.
--
Horms
|
