|
Hello,
On Tue, 19 Dec 2000, Anmol Sheth wrote:
> Hi everybody,
> We were looking at the LVS code and could not figure out the
> masquerading part i.e. the reply from the real server to the clent. We
> also traced through the ip_queue_xmit() function whci was not of much
> help.
> We could not figure which portion of the Linux networking code handles
> the maquerading part.
> We are running LVS - NAT on a 0.9.12-2.2.14 ipvs on a 2 machine
> network with the real server configured on the loopback of the virtual
> server. Even ip_masquerade() does not seem to change the ip entries in
> the packet.
You don't provide any information for your setup. There are so
many possible reasons the networking not to work in the "expected" way.
echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/eth0/send_redirects
There is no such function ip_masquerade. The path is:
drivers/net/<PACKET_DRIVER>.c
The packet driver calls netif_rx()
net/core/dev.c:netif_rx()
enqueue packet in backlog
net/core/dev.c:net_bh()
call ip_rcv() for IP protocol
net/ipv4/ip_input.c:ip_rcv()
- defragmentation
- input packet filter (firewall)
- ip_route_input() decides what function to call loading
skb->dst->input with ip_local_deliver (LOCAL_IN) or
ip_forward (FORWARD)
- call skb->dst->input() => ip_local_deliver()/ip_forward()
1. Demasquerading (out -> in)
ip_input.c:ip_local_deliver()
ip_masq.c:ip_fw_demasquerade()
I.e.
-> routing -> LOCAL_IN -> LVS/MASQ
2. Masquerading (in -> out)
ip_forward.c:ip_forward()
ip_masq.c:ip_fw_masquerade()
I.e.
-> routing -> FORWARD -> LVS/MASQ
> Could someone please suggest as to where exactly is the ip address changed
> back to that of the vip when the packet arrives from the real server to the
> VS.
net/ipv4/ip_masq.c:ip_fw_masquerade():
/*
* Set iph addr and port from ip_masq obj.
*/
iph->saddr = ms->maddr;
h.portp[0] = ms->mport;
> Thanx in advance,
> Anmol Sheth.
Regards
--
Julian Anastasov <ja@xxxxxx>
|
