lvs + nat

[Joseph Mack NA3T]

On Fri, 1 Sep 2006, Viktors Rotanovs wrote:

> I've changed NF_IP_LOCAL_IN to NF_IP_PRE_ROUTING at 
> ip_vs_in_ops in ip_vs_core.c, and now it bypasses NAT, but 
> I'm not a kernel hacker

you're on your way though.

> and I don't know which priority should be set

you mean at what level should the priority be set?

If so, you only need priority if you have multiple pieces of 
code registered with the hook. The priority arrranges the 
order in which the pieces of code get to look at the packet. 
You probably only have one piece of code interested in 
packets to the VIP, LVS, so it doesn't matter. I can't 
remember which way the priority goes, I think it's a higher 
number has more priority.

> and if it's possible to solve the problem that way.

you're allowed to do anything you want. Does it behave the 
way you want?

Look at

http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.ludos_reinject_forwarder.html

Although LVS has always hooked into LOCAL_IN, it could hook 
in anywhere and perhaps it would be good to write this into 
the ip_vs code. Both Horms and Ludo have fiddled around here 
with no apparent ill-effect.

Joe

-- 
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!