Hello,<br> I was going through the historical mail archives for tproxy in tcp and I found some changed functionality related to the hash tables <br> and port redirection when TPROXY is involved.<br> In SCTP the flow is proceeding as follows<br>
-Socket lookup in xt_TPROXY and xt_socket modules<br> -Store the socket reference in skb->sk and redirect the packet<br> -In input.c in sctp the association and endpoint structures are filled but the socket is reused from skb->sk?? Is this alright?<br>
If this is not alright we can also store the entire endpoint structure reference containing the socket in skb->cb <br> and forward it to input.c after redirection.<br> -Now INIT-ACK comes from the TPROXY port and not from the original destination port.By looking at the tcp patches I can see that<br>
you are storing and reusing this information and also adding an entry in the hash table to get the reply from the original port<br> and not the tproxy port.<br> Can somebody please tell me how to go about on the port redirection part and hash table part as I have no idea?<br>
Also I'm getting confused reading the mail archives as the design for TPROXY was changed (earlier it was a bit different I presume not <br> using the IP_TRANSPARENT and the mangle tables)<br> If you can tell me the outline followed for TCP I can look for similar equivalent functionality in SCTP and modify.<br>
It would be a lot quicker considering the deadline I'm on. :(<br><br> The background behind all of this is we are trying to build a Load Balancer which will accept and route upto 2 million connections <br>
from clients.TPROXY is the core element for this.<br><br>Thanks and Regards,<br> Maria<br> <br>