From: "Julius Volz" <juliusv@google.com>
To: "Joseph Mack NA3T" <jmack@wm7d.net>
Cc: lvs-devel@vger.kernel.org, netdev@vger.kernel.org,
j.stubbs@linkthink.co.jp
Subject: Re: Adding SNAT support to LVS/NAT
Date: Sun, 14 Sep 2008 16:47:51 +0200 [thread overview]
Message-ID: <f4845fc0809140747u63f6ad63m43877bbbf09c4778@mail.gmail.com> (raw)
In-Reply-To: <f4845fc0809140339p1d3be327j98ddcb02c4efc786@mail.gmail.com>
On Sun, Sep 14, 2008 at 12:39 PM, Julius Volz <juliusv@google.com> wrote:
> On Sun, Sep 14, 2008 at 3:37 AM, Joseph Mack NA3T <jmack@wm7d.net> wrote:
>> On Sun, 14 Sep 2008, Julius Volz wrote:
>>
>>> So maybe it would already work? ;)
>>
>> No. Some highly motivated people tried doing SNAT on OUTPUT in an attempt to
>> do F5-SNAT and it didn't work. This lead to the write up in
>>
>> http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.non-modified_realservers.html#F5_snat
>>
>> which brings us to where we are now.
>
> Thanks for the info! Right, I even said myself in the previous reply
> that ip_vs_postrouting() stops further processing in the POSTROUTING
> chain, so it never reaches netfilter NAT code.
Actually, what if we modify or remove that function to allow further
processing in POSTROUTING? Could SNAT work with IPVS then?
The comment above it says that the function specifically wants to
avoid further NAT by netfilter. But is this always a problem?
Julius
--
Julius Volz - Corporate Operations - SysOps
Google Switzerland GmbH - Identification No.: CH-020.4.028.116-1
next prev parent reply other threads:[~2008-09-14 14:47 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-09-13 11:12 Adding SNAT support to LVS/NAT Julius Volz
2008-09-13 18:17 ` Joseph Mack NA3T
2008-09-13 18:55 ` Graeme Fowler
2008-09-13 18:58 ` Joseph Mack NA3T
2008-09-14 0:41 ` Julius Volz
2008-09-14 0:31 ` Julius Volz
2008-09-14 1:37 ` Joseph Mack NA3T
2008-09-14 10:39 ` Julius Volz
2008-09-14 14:47 ` Julius Volz [this message]
2008-09-14 15:14 ` Joseph Mack NA3T
2008-09-15 1:43 ` Simon Horman
2008-09-15 15:24 ` Joseph Mack NA3T
2008-09-16 1:31 ` Jason Stubbs
2008-09-16 1:54 ` Joseph Mack NA3T
2008-09-16 2:04 ` Jason Stubbs
2008-09-16 20:45 ` Julius Volz
2008-09-17 22:53 ` Joseph Mack NA3T
2008-09-18 8:38 ` Julius Volz
2008-09-15 22:56 ` Julian Anastasov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f4845fc0809140747u63f6ad63m43877bbbf09c4778@mail.gmail.com \
--to=juliusv@google.com \
--cc=j.stubbs@linkthink.co.jp \
--cc=jmack@wm7d.net \
--cc=lvs-devel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).