From: Patrick McHardy <kaber@trash.net>
To: davem@davemloft.net
Cc: netfilter-devel@vger.kernel.org
Subject: Re: [NETFILTER 04/05]: nf_nat: always select same SNAT source for same host
Date: Wed, 27 Feb 2008 17:31:59 +0100 [thread overview]
Message-ID: <47C5907F.3060904@trash.net> (raw)
In-Reply-To: <20080227131432.26831.2125.sendpatchset@localhost.localdomain>
Patrick McHardy wrote:
> [NETFILTER]: nf_nat: always select same SNAT source for same host
>
> We've removed the SAME target in 2.6.25-rc since it had 32/64 bit compat
> problems and the NAT core provides the same behaviour regarding IP
> selection. This turned out to be not entirely correct though, the
> NAT core only selects the same IP from a range for the same src,dst
> combination. Some people need the same IP for all destinations however.
>
> The easiest way to do this is to ignore the destination IP when
> doing SNAT. Since we're using jhash, we still get good distribution
> for multiple source IPs.
>
> Tested-by: David Lau <mintypickle@gmail.com>
>
> Signed-off-by: Patrick McHardy <kaber@trash.net>
Please drop this patch for now, David reported some bad distribution
during further tests that I want to look into.
next prev parent reply other threads:[~2008-02-27 16:32 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-02-27 13:14 [NETFILTER 00/05]: Netfilter fixes Patrick McHardy
2008-02-27 13:14 ` [NETFILTER 01/05]: nf_conntrack: fix smp_processor_id() in preemptible code warning Patrick McHardy
2008-02-27 20:09 ` David Miller
2008-02-27 13:14 ` [NETFILTER 02/05]: xt_conntrack: fix missing boolean clamping Patrick McHardy
2008-02-27 20:10 ` David Miller
2008-02-27 13:14 ` [NETFILTER 03/05]: xt_conntrack: fix IPv4 address comparison Patrick McHardy
2008-02-27 20:20 ` David Miller
2008-02-27 13:14 ` [NETFILTER 04/05]: nf_nat: always select same SNAT source for same host Patrick McHardy
2008-02-27 16:31 ` Patrick McHardy [this message]
2008-02-27 20:07 ` David Miller
2009-01-13 14:24 ` Bernhard Schmidt
2008-02-27 13:14 ` [NETFILTER 05/05]: Fix NF_QUEUE_NR() parenthesis Patrick McHardy
2008-02-27 20:21 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=47C5907F.3060904@trash.net \
--to=kaber@trash.net \
--cc=davem@davemloft.net \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.