[lvs-users] ipvsadm and packets leaving a gre tunnel

Marco Lorig mlorig at gmx.net
Sun Aug 3 22:33:02 BST 2008


>so ip_vs() is not handling icmp correctly at least for LVS-NAT. Thanks for
tracking this down. icmp handling has been built into LVS since the really
early days. I doubt if gre was in anyone's >mind at the time. I think it was
mostly for host unreachable.

If I understand correctly, NEED_TO_FRAGMENT is a subtype of HOST/DESTINATION
UNREACHABLE so it "should" theoreticaly work.

>ip_vs() does its own nat'ing, so using commands from iptables will not
help.

I thought this is only for ip_vs: /proc/sys/net/ipv4/vs/nat_icmp_send ?

Marco





More information about the lvs-users mailing list