|
Hello,
On Wed, 12 May 2004, Joshua Goodall wrote:
> On Wed, May 12, 2004 at 01:23:51AM +0300, Julian Anastasov wrote:
> > I see that you can remove the limitation when sending
> > packets but how do you accept the replies? May be you do not have
> > the VIP configured as IP address?
>
> That's right - for regular (external) clients, I'm using fwmark + iproute2
> to grab packets intended for the DIP; to capture locally sourced packets,
> I just put a -j REDIRECT into the OUTPUT chain of the nat table.
There can be another problem in 2.4 (2.6 seems to handle
this properly): ip_vs_skb_cow does not expect skbs to have valid
skb->sk, may be the skb should be copied (skb_copy) instead
reallocating only its data. You can check for problems by using
tcpdump -i lo ... Make sure there are no crashes or any kind of
memory leaks because I personally can not test such setup. For 2.6
you can remove also the skb->sk check.
> Joshua.
Regards
--
Julian Anastasov <ja@xxxxxx>
|
