|
Julian Anastasov wrote:
>
> Hello Joe,
>
> On Tue, 10 Apr 2001, Joseph Mack wrote:
>
> > > The current LVS versions assume the VIP is the iphdr->daddr,
> > > i.e. the destination address in the datagram and this addresses is
> > > used to lookup/create the template.
> >
> > how about your persistent-patch, which I've been working with?
I just tested it.
iptables puts fwmark=1 on any packet with
-d = IP on a NIC on outside of the director
and
--dport telnet
ipvsadm forwards by VS-DR any packets with fwmark=1
2 clients, both in the same network as the outside
of the director.
Clients also have a second NIC for receiving packets
back from real-servers.
With the default persistence granularity (/32), each client
connects to different real-servers (but each client
goes to the same real-server each time).
With the persistence granularity =/24 both clients connect to
the same real-server (ie any number of connections from the
two clients all come to one real-server).
I assume the persistence granularity is associated with the IP
on the outside of the director.
Having persistence granularity with a VIP makes sense.
However with fwmarks it makes no sense to me (what is fwmark/24?).
What if the iptables rules are a crazy mix of targets
(networks, hosts, ports with no IP as for a transparent web cache)?
Persistence granularity was designed for people coming in from
large proxy servers (eg AOL). With fwmarks, this can be handled
by iptables rules.
Is there a function for persistence granularity with fwmark?
If you take the default persistence granularity, you
get the behaviour I expect.
(hope the easter bunny visits you on Sunday. we have the easter bilby
http://members.ozemail.com.au/~bilbies/Easter_Bilby.htm where I come from)
Joe
--
Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
contractor to the National Environmental Supercomputer Center,
mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA
|
