Hi, all. I have a question on NFQUEUE's --queue-balance option. Current implementaion of --queue-balance doesn't balance well in some environments, because the hash value is calculated only using saddr, daddr and protocol in the ip-header. In some environment, these hash parameters are not distributed well (ie. An environment consists of 1-server and a few clients). My question is why NFQUEUE doesn't use source port number as hash parameter to make it balance well? If source port number is used besides saddr, daddr and porotocol, packets of a tcp-flow are sent to the queue. I know that, kernel's flow based ECMP also uses source and dest port number after 4.12. Give me some hints. Thanks. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
