On 01/21/2010 10:20 AM, Graeme Fowler wrote:
> On Thu, 2010-01-21 at 03:46 +0100, Dennis J. wrote:
>> The only thing I really need at this point is a way to say "if you see a
>> packet with IP X (vip) as source on (internal network) interface eth1 then
>> don't apply the martian filtering".
>
> I *think* you need to turn the rp_filter off:
>
> sysctl -w /proc/sys/net/ipv4/conf/$INTERNAL-INTERFACE/rp_filter=1
>
> I'm not 100% sure on that, though.
Hm, I tried setting /proc/sys/net/ipv4/conf/*/rp_filter both to 0 and
to 1, but that had no effect.
According to this link one cannot control this behaviour using rp_filter:
http://www.ssi.bg/~ja/#lvsgw
The forward_shared patch apparently changes this but I'm wondering why this
hasn't been accepted into the mainline kernel yet after all these years.
The patch seems to be simple enough. I'd really like to use the LVS-DR
approach but I had hoped that either this or a similar patch had moved
upstream by now so one could simply tell the kernel to accept these
packets. Isn't this what the rp_filter flags are for after all?
Regards,
Dennis