|
Hello,
On Thu, 29 Sep 2005, Nicolas Baradakis wrote:
> The RADIUS protocol per RFC 2865 is based on UDP: each request is a
> single independant packet. Many RADIUS implementations use only a
> single UDP socket to send their requests, and LVS mistakenly think it
> is a persistant connection. Things are worse when using a RADIUS
> proxy: there is only one source IP and all the packets go to the same
> real server.
Are they accounting packets, without reply packets?
> Now I'd like to upgrade my LVS servers to kernel 2.6.13, that's why I
> had to port the set of patches to newer versions of the kernel and
> related utilities.
>
> New patches are in attachement, in hope they can be useful to other
> people. Please consider merging them in LVS sources, too.
I agree that this feature can be included in 2.6.15+ if
Wensong and Horms agree, they should comment for the changes and
especially for the user part. Just some comments from me:
- Starting from 2.6.13 ip_vs_conn_expire_now does not need cp reference
for callers, so the change in ip_vs_conn_put() should just alter the
2nd arg when calling mod_timer, depending on IP_VS_CONN_F_ONE_PACKET,
sort of:
void ip_vs_conn_put(struct ip_vs_conn *cp)
{
unsigned long t = (cp->flags & IP_VS_CONN_F_ONE_PACKET) ?
0 : cp->timeout;
mod_timer(&cp->timer, jiffies+t);
__ip_vs_conn_put(cp);
}
- In the following change to ipvsadm you are missing '!':
@@ -960,10 +972,15 @@
if (ce.cmd == CMD_ADD || ce.cmd == CMD_EDIT) {
/* Make sure that port zero service is persistent */
if (!ce.svc.fwmark && !ce.svc.port &&
- (ce.svc.flags != IP_VS_SVC_F_PERSISTENT))
+ (ce.svc.flags & IP_VS_SVC_F_PERSISTENT))
fail(2, "Zero port specified "
"for non-persistent service");
Regards
--
Julian Anastasov <ja@xxxxxx>
|
