|
Where can I find those files?
Attached.
A bit about my setup:
packets comes in via GRE tunnel and arrives into interface called
netwap. They are marked with fwmark iptables on mangle table. Then they
are marked as local using "ip rule add prio 1000 fwmark 1 table 100".
This does not mark the packets but asks the FIB to check routing table 100
for all packets marked with fwmark 1. Subtle but important difference when
we try to talk about the same thing.
Yes. You are definitely right.
And then they go through LVS and to the proxy server.
Quite a setup.
We are trying to be smart :).
As another case I tried marked packets to pass via DNAT iptables target.
Ethereal screen does not look perfect bu sites managed to open.
What is a perfectly looking ethereal screen???
All "green" screen. All the packets are ACKed in the order they arrived.
With LVS I could not open any web site.
LVS does not open web sites.
I mean when I configured access using ipvs.
Web clients are Sony Ericsson phones so I cannot upgrade all of them. :)
I own 4 of them and I would hate to fix yet another bug in their stack :).
It's interesting - Sony or Ericsson are screwing things? :)
ipvsadm -L -n -v
There is no -v flag in ipvsadm 1.2.0
ipvsadm -L -n -c
I'm running everything using DNAT now. ipvs would be much better of
course. And even now there are 6000 lines of output (wap1 9200:9201 udp
traffic is still going through ipvs).
Mindaugas
| 