LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: ipvsadm vs iptables

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: Re: ipvsadm vs iptables
From: Alexandre Cassen <Alexandre.Cassen@xxxxxxxxxx>
Date: Sun, 14 Jul 2002 00:10:09 +0200
Hi Imi,

So, my question is since we don't use load balancing and we just do 1-1 redirection do we gain something by using ipvs or we can just use iptables for it ?

Hmm, ... using LVS you can benefit internal DoS attack strategies defense : http://www.linux-vs.org/docs/defense.html

Since DoS generate most of the time random & different src_ip, new cnx entries are created and appended to the LVS cnx table. Since DoS attack try to memory flood remote director (by flooding LVS cnx table with fake cnx), the internal LVS DoS prevention stategie can increase security providing active handling.

can be usefull,

Best regards,
Alexandre



<Prev in Thread] Current Thread [Next in Thread>