[tproxy] Interaction with IPVS
Tim Burress
hokousha2001@yahoo.com
Thu, 14 Oct 2004 03:04:19 -0700 (PDT)
Hello!
We're running into another potential interaction, this
time between tproxy and IPVS
http://www.linuxvirtualserver.org
on Linux 2.4.27. What we see with TPPROXY 2.0, and
going at least as far back as 1.9.6, is that incoming
connections that go through IPVS for load balancing
are properly mapped to a real server, but when the
reply packets come back from the real server, they
aren't recognized. Conntrack considers the connection
[UNREPLIED] even though tcpdump shows that the reply
packets are arriving with the expected source and
destination address/ports. It seems like the reply
packets are being dropped.
The only evidence suggesting that TPROXY is involved
at this point is the observation that the problem
doesn't appear when we use TPROXY 1.2. One other data
point is that, when we use TPROXY 2.0, the problem
appears even when the module is not loaded, so it
seems to be a side effect of patches to other modules.
I realize this is vague, and we're trying to track it
down, but I thought I would post and just see if
anyone else has observed similar behavior, or if there
are any ideas for locating the source of the problem.
Thanks!
Tim
_______________________________
Do you Yahoo!?
Declare Yourself - Register online to vote today!
http://vote.yahoo.com