Tao Zhao wrote:
> I am reading the source code of LVS and found out that it adds ip_vs_in()
> to netfilter hook NF_IP_LOCAL_IN to change the destination of packets. As
> I understand, this hook is called AFTER routing decisions have been reached. So
> how can it forward the packet to the new assigned destination without
> routing? I thought the right place to change destination is the
> NF_IP_PRE_ROUTING hook. Am I missing something?
You are not.
Instead of rewriting the packet inside the normal packet flow of Linux-2.4,
IPVS accepts the packet and constructs a new one, routes it and sends it
out. This approach does not make much sense for VS-NAT within the netfilter
framework, but fits quite well for the other modes.
--
Henrik Nordstrom
MARA Systems AB
Sweden