On 12 September 2017 at 08:00, Thomas Rosenstein <thomas.rosenstein@xxxxxxxxxxxxxxxx> wrote: > Hello, > > I'm trying to setup L3 load balancing (with direct server return) which > requires me to send back or receive packets with a certain src/dst address, > but for these packets the dst address is replaced on the load balancer, then > routed and are arriving on my linux container. > I guess you could do this with nftables. You can perform this kind of load balancing with nftables out of the box [0]. Note that nftables should be able to work with DSCP, so you can combine both things (matching, load-balancing) with the same technology. Please, read the docs in our wiki and do some tests. After that, it would be great if you come back here and report your experience :-) Perhaps we can generate a concrete example and put it in the wiki for future references. [0] https://wiki.nftables.org/wiki-nftables/index.php/Load_balancing -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
