|
Hi Joe,
On Fri, Apr 30, 2004 at 07:00:16AM -0400, Joseph Mack wrote:
> Julian Anastasov wrote:
> >
> > Hello,
> >
> > On Thu, 29 Apr 2004, Joseph Mack wrote:
> >
> > > if you're doing LVS-NAT then you have a smaller limit for
> > > ports, since all ports are coming from the director.
> > >
> > > when NAT'ing you only have ports 61000-65xxx, ie 4000 ports to
> > > choose from.
> >
> > These ranges are only for the connections created from
> > the 2.2 masquerading code, not for the LVS connections:
>
> I'm not thinking at all clearly.
>
> With LVS-NAT running a persistent connection virtual service
> (eg VIP:https) all connections will be coming out of the director
> from VIP:https. I was thinking about connections originating
> from boxes NAT'ed behind a NAT router, where the client
> connections come from high ports.
>
> In regular (non-lvs) NAT for 2.4, the client (high) ports are no longer
> restricted to 61k-64k?
>
> Do the NAT'ed ports collide with ports from connections made by clients
> on the NAT-router like they could with 2.2?
LVS-NAT in 2.4 (and I assume 2.6) does not modify the source port
so there is no possibility of collision.
>
> Horms wrote
>
> > LVS does not use the source port at all
> > in persistance templates. In fact it is set to 0 internally
> > so LVS can differentiate between a persistance template and
> > a connection entry.
>
> want to explain to me about persistence templates?
>
> Is there a separate structure for a persistence virtual service?
A persistance template is just like a connection entry.
It uses the same data structure. And is stored in
the same hash table. The only difference is that the source
port is set to 0 so that it can be identified as a persistance
template. This means that it will never match a hash-table lookup
for a connection entry. And a connection entry will never
match a lookup for a persistance template which is made in
the scheduling code.
The purpose of a persistance template is, in a nutshell, to
effect persistance. When a connection is started for a persistant
virtual service, the persistance template is looked up. If it
exists then it is used - that is the connection will be forwarded
to the same real server as the previous corresponding connection.
Otherwise the connection is scheduled, just like a connection for
a non-persistant virtual service, and the persistance template is
created.
Like connection entries, persistance templates have timeouts.
Actually, again, it is handled by the same code. The only difference
is that for persistance templates, the timeout is set by the
persistance timeout configured using ipvsadm. Whereas for connection
entries the timeout depends on the connection's state.
--
Horms
|
