|
Attached.
Sorry, not on my end. Something ate them in between. Could you upload
them somewhere zipped?
This does not mark the packets but asks the FIB to check routing table
100 for all packets marked with fwmark 1. Subtle but important
difference when we try to talk about the same thing.
Yes. You are definitely right.
And then they go through LVS and to the proxy server.
Quite a setup.
We are trying to be smart :).
I hope not too smart? :)
As another case I tried marked packets to pass via DNAT iptables
target. Ethereal screen does not look perfect bu sites managed to open.
What is a perfectly looking ethereal screen???
All "green" screen. All the packets are ACKed in the order they arrived.
:) Glad I know now what a perfectly looking ethereal screen is. These
are lab or R.Stevens in the '80s conditions.
With LVS I could not open any web site.
LVS does not open web sites.
I mean when I configured access using ipvs.
I slowly get it. You have tried to load balance your WAP connections
using LVS, but it did not work and you're now DNAT'ing your mobile
phones to a single proxy?
Web clients are Sony Ericsson phones so I cannot upgrade all of
them. :)
I own 4 of them and I would hate to fix yet another bug in their stack
:).
It's interesting - Sony or Ericsson are screwing things? :)
Let's not go there :). Plus, after "Tornado'ing" my phones NUA detection
does not work anymore.
ipvsadm -L -n -v
There is no -v flag in ipvsadm 1.2.0
How true and maybe also sad. This was taken from my local ipvsadm tool.
ipvsadm -L -n -c
I'm running everything using DNAT now. ipvs would be much better of
course. And even now there are 6000 lines of output (wap1 9200:9201 udp
traffic is still going through ipvs).
IPVS must work. I don't yet fully understand your setup. See my second
email in this thread.
Best regards,
Roberto Nibali, ratz
--
echo
'[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq' | dc
| 