|
Does the ipvs_nfct patch is available for the debian
Etch Kernel ?
Harry
--- Joseph Mack NA3T <jmack@xxxxxxxx> a écrit :
> On Sun, 3 Jun 2007, harry gaillac wrote:
>
> > Hello,
> >
> > I use ldirectord/ipvsadm on a box (Debian Etch)
> where
> > netfilter is running with statefull rules.
> >
> > I read
> >
>
http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.filter_rules.html
> >
> > I tested the mail service into the real servers
> via
> > LVS_NAT without statefull rules (netfiler) it's ok
> !
> >
> > When I load statefull rules a connection is opened
> > between a external mail server (client) and my
> real
> > servers but the TCP session seem to be waiting.
> >
> > Is there a solution to run on the same box
> > netfilter/ipvsadm with statefull rules ?
> > Is it the ip_vs_nfct module or something else ?
>
> There are some collisions between iptables and LVS.
> There
> are more collisions with LVS-NAT. There is a whole
> bunch of
> code around in patches to address this problem, but
> they
> aren't in the code and haven't been tested. While
> the
> situation is in the air like this, I haven't kept
> track of
> what solves what. I believe most of what you want is
> in the
> nfct patches. If this doesn't work, then you can
> either go
> to LVS-DR or move your stateful filtering to an
> external
> box.
>
> Joe
>
> --
> Joseph Mack NA3T EME(B,D), FM05lw North Carolina
> jmack (at) wm7d (dot) net - azimuthal equidistant
> map
> generator at http://www.wm7d.net/azproj.shtml
> Homepage http://www.austintek.com/ It's GNU/Linux!
>
> _______________________________________________
> LinuxVirtualServer.org mailing list -
> lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to
> lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to
> http://lists.graemef.net/mailman/listinfo/lvs-users
>
_____________________________________________________________________________
Ne gardez plus qu'une seule adresse mail ! Copiez vos mails vers Yahoo! Mail
|
