Hello, On Tue, 20 Oct 2020, longguang.yue wrote: > Hi,all: > fullnat mode refers to incoming packet's src:port and dst:port pairs are both changed at the same > time, vice versa for outgoing packets. > fullnat has existed for many years since 2009, why which is not in kernel. Not sure. What I see now is that it adds some complexity to the code. Open questions are about integration with netfilter conntracks (when conntrack=1), in the sync protocol, etc. > introduction for fullnat http://kb.linuxvirtualserver.org/wiki/IPVS_FULLNAT_and_SYNPROXY > > could we port or re-implement it in upstream? May be I don't fully understand the goals but is it worth it? Regards -- Julian Anastasov <ja@xxxxxx>
