[PATCH 00/12] ipvs: changes for local server and local client

[PATCH 00/12] ipvs: changes for local server and local client

[Julian Anastasov]

 	Hello,

 	The following patches fix some bugs (patch 1 and 2),
add support for NAT to local real server, add handlers in
LOCAL_OUT to properly schedule connections from local clients.
Currently, patch 9 and 10 add these handlers in LOCAL_OUT
without any configuration, i.e. we add code in OUTPUT hook
which is not good for the performance of non-IPVS traffic.
May be some config option that enables support for DNAT
to local servers and for local clients can help for this.

 	The patches are against recent nf-next and require
the "ipvs: IPv6 tunnel mode" patch. They are tested
and can be applied to nf-next after review/comments.

What works:

- NAT to local real server, even with different port, from local
or remote client

- local client:
 	- NAT, DR, TUN

 	- from LOCAL_OUT, needs client to bind socket
 	to non-VIP address before connecting if DR/TUN servers are
 	used because the output routing before OUTPUT hook
 	selects VIP as source address ignoring any preferred source
 	addresses, even if the local route is replaced.

Not tested: IPv6. I'll need help here from people with IPv6 setups.

Remaining problems:

- IPv6 defragmentation: still not implemented, we rely on netfilter defrag

Regards

--
Julian Anastasov <ja@ssi.bg>

Re: [PATCH 00/12] ipvs: changes for local server and local client

[Hans Schillstrom]

Hi Julian

On Sunday 17 October 2010 15:12:21 Julian Anastasov wrote:
>
>  	Hello,
>
>  	The following patches fix some bugs (patch 1 and 2),
> add support for NAT to local real server, add handlers in
> LOCAL_OUT to properly schedule connections from local clients.
> Currently, patch 9 and 10 add these handlers in LOCAL_OUT
> without any configuration, i.e. we add code in OUTPUT hook
> which is not good for the performance of non-IPVS traffic.
> May be some config option that enables support for DNAT
> to local servers and for local clients can help for this.
>
>  	The patches are against recent nf-next and require
> the "ipvs: IPv6 tunnel mode" patch. They are tested
> and can be applied to nf-next after review/comments.
>
> What works:
>
> - NAT to local real server, even with different port, from local
> or remote client
>
> - local client:
>  	- NAT, DR, TUN
>
>  	- from LOCAL_OUT, needs client to bind socket
>  	to non-VIP address before connecting if DR/TUN servers are
>  	used because the output routing before OUTPUT hook
>  	selects VIP as source address ignoring any preferred source
>  	addresses, even if the local route is replaced.
>
> Not tested: IPv6. I'll need help here from people with IPv6 setups.
>

I can help you with some IPv6 testing this week.

I would be nice to change the IPv6 address print format from %pI6 to %pI6c to get a more compact debug output.

> Remaining problems:
>
> - IPv6 defragmentation: still not implemented, we rely on netfilter defrag
>
> Regards
>
> --
> Julian Anastasov <ja@ssi.bg>
> --
> To unsubscribe from this list: send the line "unsubscribe lvs-devel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>

--
Regards
Hans Schillstrom <hans.schillstrom@ericsson.com>

Re: [PATCH 00/12] ipvs: changes for local server and local client

[Julian Anastasov]

 	Hello,

On Mon, 18 Oct 2010, Hans Schillstrom wrote:

>> Not tested: IPv6. I'll need help here from people with IPv6 setups.
>>
>
> I can help you with some IPv6 testing this week.

 	Thanks in advance

> I would be nice to change the IPv6 address print format from %pI6 to %pI6c to get a more compact debug output.

 	Yes, may be in following cleanup patches because the
IPVS debugging needs improvement.

Regards

--
Julian Anastasov <ja@ssi.bg>

Re: [PATCH 00/12] ipvs: changes for local server and local client

[Simon Horman]

On Mon, Oct 18, 2010 at 11:08:00PM +0300, Julian Anastasov wrote:
> 
> 	Hello,
> 
> On Mon, 18 Oct 2010, Hans Schillstrom wrote:
> 
> >>Not tested: IPv6. I'll need help here from people with IPv6 setups.
> >>
> >
> >I can help you with some IPv6 testing this week.
> 
> 	Thanks in advance
> 
> >I would be nice to change the IPv6 address print format from %pI6 to %pI6c to get a more compact debug output.
> 
> 	Yes, may be in following cleanup patches because the
> IPVS debugging needs improvement.

Hi,

I am happy with this series.
Do either of you have any objections in me sending
it to Patrick for merging. The merge window is now open,
but hopefully we can still get this into 2.6.37-rc1 if we move quickly.

Re: [PATCH 00/12] ipvs: changes for local server and local client

[Hans Schillstrom]

HOn Thursday 21 October 2010 11:21:14 Simon Horman wrote:
> On Mon, Oct 18, 2010 at 11:08:00PM +0300, Julian Anastasov wrote:
> >
> > 	Hello,
> >
> > On Mon, 18 Oct 2010, Hans Schillstrom wrote:
> >
> > >>Not tested: IPv6. I'll need help here from people with IPv6 setups.
> > >>
> > >
> > >I can help you with some IPv6 testing this week.
> >
> > 	Thanks in advance
> >
> > >I would be nice to change the IPv6 address print format from %pI6 to %pI6c to get a more compact debug output.
> >
> > 	Yes, may be in following cleanup patches because the
> > IPVS debugging needs improvement.
>
> Hi,
>
> I am happy with this series.
> Do either of you have any objections in me sending
> it to Patrick for merging. The merge window is now open,
> but hopefully we can still get this into 2.6.37-rc1 if we move quickly.
>
Hi,
I'm also happy with it, a basic sanity check for IPv6 performed


--
Regards
Hans Schillstrom <hans.schillstrom@ericsson.com>

Re: [PATCH 00/12] ipvs: changes for local server and local client

[Simon Horman]

On Thu, Oct 21, 2010 at 03:09:41PM +0200, Hans Schillstrom wrote:
> HOn Thursday 21 October 2010 11:21:14 Simon Horman wrote:
> > On Mon, Oct 18, 2010 at 11:08:00PM +0300, Julian Anastasov wrote:
> > >
> > > 	Hello,
> > >
> > > On Mon, 18 Oct 2010, Hans Schillstrom wrote:
> > >
> > > >>Not tested: IPv6. I'll need help here from people with IPv6 setups.
> > > >>
> > > >
> > > >I can help you with some IPv6 testing this week.
> > >
> > > 	Thanks in advance
> > >
> > > >I would be nice to change the IPv6 address print format from %pI6 to %pI6c to get a more compact debug output.
> > >
> > > 	Yes, may be in following cleanup patches because the
> > > IPVS debugging needs improvement.
> >
> > Hi,
> >
> > I am happy with this series.
> > Do either of you have any objections in me sending
> > it to Patrick for merging. The merge window is now open,
> > but hopefully we can still get this into 2.6.37-rc1 if we move quickly.
> >
> Hi,
> I'm also happy with it, a basic sanity check for IPv6 performed

Thanks, I have sent a pull request to Patrick which includes these changes.

Re: [PATCH 00/12] ipvs: changes for local server and local client

[Julian Anastasov]

 	Hello,

On Thu, 21 Oct 2010, Simon Horman wrote:

>>>>> I can help you with some IPv6 testing this week.
>>>>
>>>> 	Thanks in advance
>>>>
>>>>> I would be nice to change the IPv6 address print format from %pI6 to %pI6c to get a more compact debug output.
>>>>
>>>> 	Yes, may be in following cleanup patches because the
>>>> IPVS debugging needs improvement.
>>>
>>> Hi,
>>>
>>> I am happy with this series.
>>> Do either of you have any objections in me sending
>>> it to Patrick for merging. The merge window is now open,
>>> but hopefully we can still get this into 2.6.37-rc1 if we move quickly.
>>>
>> Hi,
>> I'm also happy with it, a basic sanity check for IPv6 performed
>
> Thanks, I have sent a pull request to Patrick which includes these changes.

 	Thanks to Hans for testing the IPv6 part and to you
for sending all 12+1 patches! I'm too slow today :)

Regards

--
Julian Anastasov <ja@ssi.bg>

Re: [PATCH 00/12] ipvs: changes for local server and local client

[Simon Horman]

On Thu, Oct 21, 2010 at 11:20:02PM +0300, Julian Anastasov wrote:
> 
> 	Hello,
> 
> On Thu, 21 Oct 2010, Simon Horman wrote:
> 
> >>>>>I can help you with some IPv6 testing this week.
> >>>>
> >>>>	Thanks in advance
> >>>>
> >>>>>I would be nice to change the IPv6 address print format from %pI6 to %pI6c to get a more compact debug output.
> >>>>
> >>>>	Yes, may be in following cleanup patches because the
> >>>>IPVS debugging needs improvement.
> >>>
> >>>Hi,
> >>>
> >>>I am happy with this series.
> >>>Do either of you have any objections in me sending
> >>>it to Patrick for merging. The merge window is now open,
> >>>but hopefully we can still get this into 2.6.37-rc1 if we move quickly.
> >>>
> >>Hi,
> >>I'm also happy with it, a basic sanity check for IPv6 performed
> >
> >Thanks, I have sent a pull request to Patrick which includes these changes.
> 
> 	Thanks to Hans for testing the IPv6 part and to you
> for sending all 12+1 patches! I'm too slow today :)

No problem, I have slow days too :-)

It helped that I was sitting in the same room as both Patrick McHardy and
Dave Miller at the Netfilter Workshop at the time.