|
Julian Anastasov wrote:
> > I did it with 1.0.6-2.2.19 and got the opposite, both groups going to
> > fwmark 1.
>
> With the persistent-fwmark patch applied?
oh - never mind
I didn't understand what you had said.
I thought this patch was already in the code.
let me try it. I'll be back as soon as I can
;-)
Since you ask on your page "who needs this" - I do (I think).
I thought grouping by fwmark was the whole point of fwmarks
that you and Ted Pavlic had in a discussion last August
on the mailing list.
this allows you to have
group 1 =(ftp,ftp-data)
group 2 =(http,https)
you can failout these groups independantly.
If you group by VIP then you have to fail both
groups together.
You can arbitarily group packets together, with
no regard to the VIP or even have a VIP at all
(eg with an LVS in front of a firewall or
infront of a transparent web cache)
At least that's what I thought the point of
fwmarks was.
Joe
--
Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
contractor to the National Environmental Supercomputer Center,
mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA
|
