|
Hi Ken,
Haven't tried the sysctl -w net.inet.ip.check_interface=0 thing, but I
can a bit later today. I thought this might also work, but didn't get
that far.
I need to check back with the kernel sources to see the difference between this
and ip_forwarding=1. According to the FreeBSD kernel changelog this seems to be
quite a architectural difference. But that's what I meant when I told you that
I'm more of a OpenBSD/Linux guy. I only do kernel development on those two OS
(time-constraints), so I need to read up on the changes first ;).
That is the thread I was talking about.
Ok, I wouldn't call it bug, but rather a feature as one of the developers
correctly notes. There were several threads about this on various security
mailinglists including bugtraq. Search for "weak end host" and "arp problem" and
"Felix von Leitner".
No problem. I think maybe I should do a write-up on my system, Don't
see too many people using LVS/DR with FreeBSD machines. Which is too
I do and to revise your previous statement about LVS-DR not being deployed a
lot: I have a couple dozen customers that have their site or whole
infrastructure behind an LVS load balancer using LVS-DR. RS OS range from Linux
over Microsoft NT, HP/UX, *BSD, Darwin, Solaris to IRIX.
bad, because I think that being OS-Centric leaves you blind to the best
possible solution to any one problem.
I've not got the impression that people here were too OS-centric, we've had a
couple of guys/gals using various other RS OS as service providering nodes. But
a write-up on anything different than we already have is certainly always very
welcome.
I'm actually especially interested in getting my hands on a document that
describes the setup of a Postfix cluster using FreeBSD RS nodes and LVS. I've
done little tests with FreeBSD and mail-clustering and found that FreeBSD
outperformed Linux in that specific task CPU-idle wise.
Also it is generally my observation that a well configured mid-range FreeBSD
node running apache runs smoother and more stable (considering load peak) than a
Linux node in this range-segment.
Best regards,
Roberto Nibali, ratz
--
echo '[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq' | dc
|
