|
Hello Julian :),
BTW, has anyone ever tested this stuff, Julian?
May be yes but you better to ask Wensong
Ahh, the sleeping beauty or the beautiful mind :). Well I'm sure that Joe can
conduct some test cases and then report the results. This way it will also get
properly documented. I mean reading this thread, he seems to have set up a test
case already with a hanging telnet ;). Hey Joe, if you're fed up with telnet,
try my phatcat [1].
The release is going to happen soon :) It will be a
really devel version with some things still missing :) BTW, Wensong added
some stuff related to RS thresholds. Contact him before going
to sync with 1.0.x, 1.1.0 has some changes.
I still don't have access to the linux-vs.org machine. There is no way I can
checkout the sources. I will contact him, probably tonight.
Sounds good. What does not make me happy is the bad
interaction with the routing. Currently, it is not possible
Netfilter NAT and especially IPVS to work on routers connected to
multiple ISPs and using multipath routes.
Then use the iproute2 NAT, it's faster anyway. How needs iptables these days :)
Ok, seriously, I know what you mean. As for the *netlink-patch, it is actually
quite non-intrusive and defines some callback functions where one can say:
Hey you there, flush my bloody state for this connection template and ctnetlink
would go there, (currently do the wrong thing), and remove a specific template
from the conntrack table.
Or you would say: Please, dear, get me the amount of packets for a specific
connection flow. And ctnetlink would go there and come back with a nice (and on
SMP unfortunately wrong) value.
All this is of course steerable from user space. Currently via ioctl's and in a
very inefficient way, just like the insertion of new rules :)
BTW, I have simple idea of moving IPVS to netlink
configuration, where we move the data in the var=value form, nothing
special. The FIB and tc are good examples. But some functions will
be needed to simplify these talks.
The idea sounds good but I didn't know that you can change FIB related things
from userspace?? Does a written architecture plan exist for this enhancement?
Something like we (actually you!) did for the IPSec load balancing enhancement?
[1] http://www.drugphish.ch/projects/network/phatcat/Phatcat-0.0.8.tar.gz
Best regards,
Roberto Nibali, ratz
--
echo '[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq' | dc
|
