Hello Julian,
We can now use one ip_send_check at the beginning of ip_vs_in(),
it will delay only NAT because this is the only method that
uses its own ip_send_check after header change. IMO, the best thing
is when after each ip_defrag there is ip_send_check. But it
is better if IPVS is out of LOCAL_IN which will not happen
soon.
Yes.
o Wouldn't it be nicer to have a bitfield in the struct skbuff which
indicates the csum status? But I guess then netfilter would need to
adapt a lot of code. But I see some nice unused fields in skbuff :)
NFC_NEED_IPCSUM :)
Yes, I will ask Harald Welte just to see how he'll react. I mean he
can't loose his hair anymore since they are now very short compared to
former days :)
Yes, local node and NAT don't need this csum update, the
csum2 patch accounts it.
Where is the sweet little csum2 patch?
To control routing :) It is difficult :) But it is possible
to link one conn entry for the both directions and calling
routing with different keys (working at prerouting), NAT on FORWARD :)
Ok, do it only for LVS-DR.
Then we can work with many ISPs :) SNAT decision before routing
or more correctly, with lsrc key for established traffic. One
day I'll try it for test.
Excellent.
Hm, I only know for slab cache, if you have many size-128
entries you better to use cache. Or you have something different
in mind?
Yes, but never mind, it's offtopic here anyway. I'll go read the source
and ask you in private if I can't figure it out.
Best regards,
Roberto Nibali, ratz
--
echo '[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq'|dc
|