From: Julius Volz <julius.volz@gmail.com>
To: Simon Horman <horms@verge.net.au>
Cc: netfilter-devel <netfilter-devel@vger.kernel.org>,
lvs-devel@vger.kernel.org,
"Fabien Duchêne" <fabien.duchene@student.uclouvain.be>,
"Joseph Mack NA3T" <jmack@wm7d.net>
Subject: Re: [bug] FWMARKs and persistence in IPVS: The Use of Unions
Date: Tue, 28 Apr 2009 12:57:51 +0200 [thread overview]
Message-ID: <43ca39800904280357q25dd3ec4x50ee78b11a94ba3f@mail.gmail.com> (raw)
In-Reply-To: <20090428081509.GA746@verge.net.au>
Hi,
On Tue, Apr 28, 2009 at 10:15 AM, Simon Horman <horms@verge.net.au> wrote:
> [ Moving to netfilter-devel / lvs-devel for discussion on how to resolve this.
> Added Julius Volz to Cc, he wrote most of the IPv6 portion of LVS.
> Remove lvs-users from Cc, it is not an open list. ]
Thanks for the notice and sorry for the v4 breakage.
> A simple fix that comes to mind is to just store the fwmark in
> the first octet of .all, and set the other octets to zero.
> But is .ip always going to be the same as .all[0]?
I prefer this and would have assumed that it is ok, but maybe someone
else can answer that more confidently.
> Is a different approach required? For example, one where we know to compare
> .all or perhaps a single octet of .all in the case where fmarks are used.
I guess that could be done by only specializing the lookup comparisons
in __ip_vs_conn_in_get() and ip_vs_ct_in_get() when the ports are 0.
Would blow up those if-statements even more though...
> This particular change should be easy enough. I believe that fwmarks are
> only used in this way twice, both inside ip_vs_schedule(). But
> ip_vs_addr_equal() is more generic, so I'd prefer only to mangle it if
> needed.
I agree.
Julius
next prev parent reply other threads:[~2009-04-28 10:57 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-04-28 8:15 [bug] FWMARKs and persistence in IPVS: The Use of Unions Simon Horman
2009-04-28 9:07 ` Jan Engelhardt
2009-04-28 9:23 ` Simon Horman
2009-04-28 10:59 ` Simon Horman
2009-04-28 11:30 ` Fabien Duchêne
2009-05-01 6:40 ` Simon Horman
2009-04-28 11:59 ` Julius Volz
2009-04-28 12:27 ` Jan Engelhardt
2009-04-28 15:00 ` Simon Horman
2009-04-28 15:28 ` Jan Engelhardt
2009-04-29 0:06 ` Simon Horman
2009-04-28 10:57 ` Julius Volz [this message]
-- strict thread matches above, loose matches on Subject: below --
2009-05-07 0:43 Simon Horman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=43ca39800904280357q25dd3ec4x50ee78b11a94ba3f@mail.gmail.com \
--to=julius.volz@gmail.com \
--cc=fabien.duchene@student.uclouvain.be \
--cc=horms@verge.net.au \
--cc=jmack@wm7d.net \
--cc=lvs-devel@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).