LVS
lvs-users
[Top] [All Lists]
Google
 
Web LinuxVirtualServer.org
<prev [Date] next> <prev [Thread] next>

Re: LVS and REDIRECT and Policy Routing [Was: Re: LVS-DR andfwmarksquest

from [Horms] [Permanent Link]
To: Joseph Mack <mack.joseph@xxxxxxx>
Subject: Re: LVS and REDIRECT and Policy Routing [Was: Re: LVS-DR andfwmarksquestion]
Cc: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
From: Horms <horms@xxxxxxxxxxxx>
Date: Mon, 6 Oct 2003 19:12:31 +0900 
On Mon, Oct 06, 2003 at 05:39:33AM -0400, Joseph Mack wrote:
> Horms wrote:
> > 
> 
> > TPROXY looks like it would work because it is completely different
> > from REDIRECT and uses its own connection tracking.
> 
> can you explain some more? I don't know the difference

I am not sure how to explain this any more clearly.

REDIRECT uses netfilter's internal connection tracking routines.
Because of the way that LVS is implemted these do not work for
packets that are handled by LVS. Thus the connection tracking
for REDIRECT does not work. Thus the return packets from the
real servers are not modified and the connection fails.

>From my reading TPROXY uses its own connection tracking routines
(though for what reason I am not sure). These routines probably
aren't effected by LVS and thus TPROXY should work.

N.B: I have not verified this.

-- 
Horms
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: lvs problem, Horms
Next by Date:  Re: lvs problem, Joseph Mack
Previous by Thread:  Re: LVS and REDIRECT and Policy Routing [Was: Re: LVS-DR andfwmarksquestion], Joseph Mack
Next by Thread:  Re: LVS-DR and fwmarks question, Ryan P Linn
Indexes:  [Date] [Thread] [Top] [All Lists]