- 1. Re: [lvs-users] NFCT and PMTU (score: 1)
- Author: Julian Anastasov <ja@xxxxxx>
- Date: Fri, 14 Sep 2012 11:34:47 +0300 (EEST)
- Hello, Thanks for the information! It seems conntrack=1 when properly configured works better because we do not recreate conntracks for every IPVS packet. Regards -- Julian Anastasov <ja@xxxxxx> ____
- /html/lvs-users/2012-09/msg00013.html (13,434 bytes)
- 2. Re: [lvs-users] NFCT and PMTU (score: 1)
- Author: lvs@xxxxxxxxxx
- Date: Tue, 11 Sep 2012 22:22:59 +0100 (BST)
- I should give you some more information about my directors. As well as being LVS directors they are doing firewalling with netfilter. I use netfilter marks to tell IPVS which connections to route to
- /html/lvs-users/2012-09/msg00012.html (12,958 bytes)
- 3. Re: [lvs-users] NFCT and PMTU (score: 1)
- Author: lvs@xxxxxxxxxx
- Date: Tue, 11 Sep 2012 21:52:53 +0100 (BST)
- That patch solves the problem, at least for ICMP port unreachable packets. I tested ICMP port unreachable packets without the patch and like ICMP must fragment packets they were not being forwarded w
- /html/lvs-users/2012-09/msg00011.html (15,117 bytes)
- 4. Re: [lvs-users] NFCT and PMTU (score: 1)
- Author: Julian Anastasov <ja@xxxxxx>
- Date: Tue, 11 Sep 2012 02:18:30 +0300 (EEST)
- Hello, I remember that I test forwarding of ICMP from client to real server by adding REJECT rule in client box, for example: test_client# iptables -I INPUT -p tcp -s VIP --sport 80 -j REJECT It will
- /html/lvs-users/2012-09/msg00010.html (10,584 bytes)
- 5. Re: [lvs-users] NFCT and PMTU (score: 1)
- Author: lvs@xxxxxxxxxx
- Date: Mon, 10 Sep 2012 23:26:13 +0100 (BST)
- Comments inline below. Thanks Tim I am using NAT as the forwarding method. I do have a test environment, with a CentOS 6 director. I will give this a go tomorrow. I just need to find a client on a ne
- /html/lvs-users/2012-09/msg00009.html (16,985 bytes)
- 6. Re: [lvs-users] NFCT and PMTU (score: 1)
- Author: Julian Anastasov <ja@xxxxxx>
- Date: Tue, 11 Sep 2012 00:16:43 +0300 (EEST)
- Hello, I can try to reproduce it with recent kernel. Can you tell me what forwarding method is used? NAT? Do you have a test environment, so that you can see what is shown in logs when IPVS debugging
- /html/lvs-users/2012-09/msg00008.html (12,861 bytes)
- 7. [lvs-users] NFCT and PMTU (score: 1)
- Author: lvs@xxxxxxxxxx
- Date: Mon, 10 Sep 2012 15:37:17 +0100 (BST)
- I have a number of LVS directors running a mixture of CentOS 5 and CentOS 6 (running kernels 2.6.18-238.5.1 and 2.6.32-71.29.1). I have applied the ipvs-nfct patch to the kernel(s). When I set /proc/
- /html/lvs-users/2012-09/msg00007.html (9,130 bytes)
This search system is powered by
Namazu