mack.joseph at epa.gov
Wed Oct 16 12:09:28 BST 2002
> Personally I like that method of doing things too (after all, someone
> who is not me named it Horms' method :). However, it doesn't always work
> as the source address of reply packets may be set to the IP address of
> the interface that the packet was sent out of, rather than virtualip.
> Clearly this is not good.
When we at OLS 2001 and talked to Harald Welte about this, I remember
saying to you that it wasn't really a problem as we could handle it
with fwmark. I had forgotten at the time with fwmark that you need
the VIP on the director to receive the packet, whereas with transparent
proxy you don't. If I'd realised this at the time I would have lobbied
more strongly to have the 2.4 behaviour match the 2.2 behaviour.
I've talked to Julian about it since and he says that he can accept
packets on the director with fwmark but without the VIP, but he
has to fiddle the routing tables to do it. He says it's on his list
of things to do. I really liked the TP behaviour in 2.2 and I'm
sorry we've lost it.
Joseph Mack PhD, Senior Systems Engineer, SAIC contractor
to the National Environmental Supercomputer Center,
mailto:mack.joseph at epa.gov ph# 919-541-0007, RTP, NC, USA
More information about the lvs-users