Hi, On Mon, Mar 31, 2008, Joseph Mack NA3T wrote: > On Mon, 31 Mar 2008, Julius Volz wrote: > > Does this have any special implications in the IPv6 case? > > possibly, possibly not. I was just warning you so that if > you came across it, you would recognize it. Ok! > > Again, interesting info. Is there a specific relation to > > IPv6 though? > > I assume you'll be testing UDP, and if it behaves strangely, > you'll want to know which parts to blame us for :-) I see, thanks! :) > > Aha, interesting. Could you explain a bit more for a > > newbie in what ways IPVS "bypasses" netfilter? > > LVS controlled packets don't always follow the netfilter > path. They appear in the output without going through the > middle. So iptables rules don't always work. Ah, a kind colleague just forwarded me this URL: http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.filter_rules.html#path_of_an_ip_vs_packet So that fits to what I thought before. Basically, FORWARD is skipped over and the "forwarding" is done manually in IPVS (by sending a new packet, changed according to the specific load balancing mechanism? In ip_vs_xmit.c, in one of the transmitter functions). Julius -- Google Switzerland GmbH -- To unsubscribe from this list: send the line "unsubscribe lvs-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
