diff options
Diffstat (limited to 'include/net/ip_vs.h')
| -rw-r--r-- | include/net/ip_vs.h | 107 |
1 files changed, 88 insertions, 19 deletions
diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 72522f087375..95374d1696a1 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h | |||
| @@ -10,7 +10,6 @@ | |||
| 10 | 10 | ||
| 11 | #include <asm/types.h> /* for __uXX types */ | 11 | #include <asm/types.h> /* for __uXX types */ |
| 12 | 12 | ||
| 13 | #include <linux/sysctl.h> /* for ctl_path */ | ||
| 14 | #include <linux/list.h> /* for struct list_head */ | 13 | #include <linux/list.h> /* for struct list_head */ |
| 15 | #include <linux/spinlock.h> /* for struct rwlock_t */ | 14 | #include <linux/spinlock.h> /* for struct rwlock_t */ |
| 16 | #include <linux/atomic.h> /* for struct atomic_t */ | 15 | #include <linux/atomic.h> /* for struct atomic_t */ |
| @@ -505,6 +504,7 @@ struct ip_vs_conn { | |||
| 505 | * state transition triggerd | 504 | * state transition triggerd |
| 506 | * synchronization | 505 | * synchronization |
| 507 | */ | 506 | */ |
| 507 | unsigned long sync_endtime; /* jiffies + sent_retries */ | ||
| 508 | 508 | ||
| 509 | /* Control members */ | 509 | /* Control members */ |
| 510 | struct ip_vs_conn *control; /* Master control connection */ | 510 | struct ip_vs_conn *control; /* Master control connection */ |
| @@ -580,8 +580,8 @@ struct ip_vs_service_user_kern { | |||
| 580 | /* virtual service options */ | 580 | /* virtual service options */ |
| 581 | char *sched_name; | 581 | char *sched_name; |
| 582 | char *pe_name; | 582 | char *pe_name; |
| 583 | unsigned flags; /* virtual service flags */ | 583 | unsigned int flags; /* virtual service flags */ |
| 584 | unsigned timeout; /* persistent timeout in sec */ | 584 | unsigned int timeout; /* persistent timeout in sec */ |
| 585 | u32 netmask; /* persistent netmask */ | 585 | u32 netmask; /* persistent netmask */ |
| 586 | }; | 586 | }; |
| 587 | 587 | ||
| @@ -592,7 +592,7 @@ struct ip_vs_dest_user_kern { | |||
| 592 | u16 port; | 592 | u16 port; |
| 593 | 593 | ||
| 594 | /* real server options */ | 594 | /* real server options */ |
| 595 | unsigned conn_flags; /* connection flags */ | 595 | unsigned int conn_flags; /* connection flags */ |
| 596 | int weight; /* destination weight */ | 596 | int weight; /* destination weight */ |
| 597 | 597 | ||
| 598 | /* thresholds for active connections */ | 598 | /* thresholds for active connections */ |
| @@ -616,8 +616,8 @@ struct ip_vs_service { | |||
| 616 | union nf_inet_addr addr; /* IP address for virtual service */ | 616 | union nf_inet_addr addr; /* IP address for virtual service */ |
| 617 | __be16 port; /* port number for the service */ | 617 | __be16 port; /* port number for the service */ |
| 618 | __u32 fwmark; /* firewall mark of the service */ | 618 | __u32 fwmark; /* firewall mark of the service */ |
| 619 | unsigned flags; /* service status flags */ | 619 | unsigned int flags; /* service status flags */ |
| 620 | unsigned timeout; /* persistent timeout in ticks */ | 620 | unsigned int timeout; /* persistent timeout in ticks */ |
| 621 | __be32 netmask; /* grouping granularity */ | 621 | __be32 netmask; /* grouping granularity */ |
| 622 | struct net *net; | 622 | struct net *net; |
| 623 | 623 | ||
| @@ -647,7 +647,7 @@ struct ip_vs_dest { | |||
| 647 | u16 af; /* address family */ | 647 | u16 af; /* address family */ |
| 648 | __be16 port; /* port number of the server */ | 648 | __be16 port; /* port number of the server */ |
| 649 | union nf_inet_addr addr; /* IP address of the server */ | 649 | union nf_inet_addr addr; /* IP address of the server */ |
| 650 | volatile unsigned flags; /* dest status flags */ | 650 | volatile unsigned int flags; /* dest status flags */ |
| 651 | atomic_t conn_flags; /* flags to copy to conn */ | 651 | atomic_t conn_flags; /* flags to copy to conn */ |
| 652 | atomic_t weight; /* server weight */ | 652 | atomic_t weight; /* server weight */ |
| 653 | 653 | ||
| @@ -784,6 +784,16 @@ struct ip_vs_app { | |||
| 784 | void (*timeout_change)(struct ip_vs_app *app, int flags); | 784 | void (*timeout_change)(struct ip_vs_app *app, int flags); |
| 785 | }; | 785 | }; |
| 786 | 786 | ||
| 787 | struct ipvs_master_sync_state { | ||
| 788 | struct list_head sync_queue; | ||
| 789 | struct ip_vs_sync_buff *sync_buff; | ||
| 790 | int sync_queue_len; | ||
| 791 | unsigned int sync_queue_delay; | ||
| 792 | struct task_struct *master_thread; | ||
| 793 | struct delayed_work master_wakeup_work; | ||
| 794 | struct netns_ipvs *ipvs; | ||
| 795 | }; | ||
| 796 | |||
| 787 | /* IPVS in network namespace */ | 797 | /* IPVS in network namespace */ |
| 788 | struct netns_ipvs { | 798 | struct netns_ipvs { |
| 789 | int gen; /* Generation */ | 799 | int gen; /* Generation */ |
| @@ -870,10 +880,15 @@ struct netns_ipvs { | |||
| 870 | #endif | 880 | #endif |
| 871 | int sysctl_snat_reroute; | 881 | int sysctl_snat_reroute; |
| 872 | int sysctl_sync_ver; | 882 | int sysctl_sync_ver; |
| 883 | int sysctl_sync_ports; | ||
| 884 | int sysctl_sync_qlen_max; | ||
| 885 | int sysctl_sync_sock_size; | ||
| 873 | int sysctl_cache_bypass; | 886 | int sysctl_cache_bypass; |
| 874 | int sysctl_expire_nodest_conn; | 887 | int sysctl_expire_nodest_conn; |
| 875 | int sysctl_expire_quiescent_template; | 888 | int sysctl_expire_quiescent_template; |
| 876 | int sysctl_sync_threshold[2]; | 889 | int sysctl_sync_threshold[2]; |
| 890 | unsigned int sysctl_sync_refresh_period; | ||
| 891 | int sysctl_sync_retries; | ||
| 877 | int sysctl_nat_icmp_send; | 892 | int sysctl_nat_icmp_send; |
| 878 | 893 | ||
| 879 | /* ip_vs_lblc */ | 894 | /* ip_vs_lblc */ |
| @@ -889,13 +904,11 @@ struct netns_ipvs { | |||
| 889 | spinlock_t est_lock; | 904 | spinlock_t est_lock; |
| 890 | struct timer_list est_timer; /* Estimation timer */ | 905 | struct timer_list est_timer; /* Estimation timer */ |
| 891 | /* ip_vs_sync */ | 906 | /* ip_vs_sync */ |
| 892 | struct list_head sync_queue; | ||
| 893 | spinlock_t sync_lock; | 907 | spinlock_t sync_lock; |
| 894 | struct ip_vs_sync_buff *sync_buff; | 908 | struct ipvs_master_sync_state *ms; |
| 895 | spinlock_t sync_buff_lock; | 909 | spinlock_t sync_buff_lock; |
| 896 | struct sockaddr_in sync_mcast_addr; | 910 | struct task_struct **backup_threads; |
| 897 | struct task_struct *master_thread; | 911 | int threads_mask; |
| 898 | struct task_struct *backup_thread; | ||
| 899 | int send_mesg_maxlen; | 912 | int send_mesg_maxlen; |
| 900 | int recv_mesg_maxlen; | 913 | int recv_mesg_maxlen; |
| 901 | volatile int sync_state; | 914 | volatile int sync_state; |
| @@ -912,6 +925,14 @@ struct netns_ipvs { | |||
| 912 | #define DEFAULT_SYNC_THRESHOLD 3 | 925 | #define DEFAULT_SYNC_THRESHOLD 3 |
| 913 | #define DEFAULT_SYNC_PERIOD 50 | 926 | #define DEFAULT_SYNC_PERIOD 50 |
| 914 | #define DEFAULT_SYNC_VER 1 | 927 | #define DEFAULT_SYNC_VER 1 |
| 928 | #define DEFAULT_SYNC_REFRESH_PERIOD (0U * HZ) | ||
| 929 | #define DEFAULT_SYNC_RETRIES 0 | ||
| 930 | #define IPVS_SYNC_WAKEUP_RATE 8 | ||
| 931 | #define IPVS_SYNC_QLEN_MAX (IPVS_SYNC_WAKEUP_RATE * 4) | ||
| 932 | #define IPVS_SYNC_SEND_DELAY (HZ / 50) | ||
| 933 | #define IPVS_SYNC_CHECK_PERIOD HZ | ||
| 934 | #define IPVS_SYNC_FLUSH_TIME (HZ * 2) | ||
| 935 | #define IPVS_SYNC_PORTS_MAX (1 << 6) | ||
| 915 | 936 | ||
| 916 | #ifdef CONFIG_SYSCTL | 937 | #ifdef CONFIG_SYSCTL |
| 917 | 938 | ||
| @@ -922,7 +943,17 @@ static inline int sysctl_sync_threshold(struct netns_ipvs *ipvs) | |||
| 922 | 943 | ||
| 923 | static inline int sysctl_sync_period(struct netns_ipvs *ipvs) | 944 | static inline int sysctl_sync_period(struct netns_ipvs *ipvs) |
| 924 | { | 945 | { |
| 925 | return ipvs->sysctl_sync_threshold[1]; | 946 | return ACCESS_ONCE(ipvs->sysctl_sync_threshold[1]); |
| 947 | } | ||
| 948 | |||
| 949 | static inline unsigned int sysctl_sync_refresh_period(struct netns_ipvs *ipvs) | ||
| 950 | { | ||
| 951 | return ACCESS_ONCE(ipvs->sysctl_sync_refresh_period); | ||
| 952 | } | ||
| 953 | |||
| 954 | static inline int sysctl_sync_retries(struct netns_ipvs *ipvs) | ||
| 955 | { | ||
| 956 | return ipvs->sysctl_sync_retries; | ||
| 926 | } | 957 | } |
| 927 | 958 | ||
| 928 | static inline int sysctl_sync_ver(struct netns_ipvs *ipvs) | 959 | static inline int sysctl_sync_ver(struct netns_ipvs *ipvs) |
| @@ -930,6 +961,21 @@ static inline int sysctl_sync_ver(struct netns_ipvs *ipvs) | |||
| 930 | return ipvs->sysctl_sync_ver; | 961 | return ipvs->sysctl_sync_ver; |
| 931 | } | 962 | } |
| 932 | 963 | ||
| 964 | static inline int sysctl_sync_ports(struct netns_ipvs *ipvs) | ||
| 965 | { | ||
| 966 | return ACCESS_ONCE(ipvs->sysctl_sync_ports); | ||
| 967 | } | ||
| 968 | |||
| 969 | static inline int sysctl_sync_qlen_max(struct netns_ipvs *ipvs) | ||
| 970 | { | ||
| 971 | return ipvs->sysctl_sync_qlen_max; | ||
| 972 | } | ||
| 973 | |||
| 974 | static inline int sysctl_sync_sock_size(struct netns_ipvs *ipvs) | ||
| 975 | { | ||
| 976 | return ipvs->sysctl_sync_sock_size; | ||
| 977 | } | ||
| 978 | |||
| 933 | #else | 979 | #else |
| 934 | 980 | ||
| 935 | static inline int sysctl_sync_threshold(struct netns_ipvs *ipvs) | 981 | static inline int sysctl_sync_threshold(struct netns_ipvs *ipvs) |
| @@ -942,18 +988,43 @@ static inline int sysctl_sync_period(struct netns_ipvs *ipvs) | |||
| 942 | return DEFAULT_SYNC_PERIOD; | 988 | return DEFAULT_SYNC_PERIOD; |
| 943 | } | 989 | } |
| 944 | 990 | ||
| 991 | static inline unsigned int sysctl_sync_refresh_period(struct netns_ipvs *ipvs) | ||
| 992 | { | ||
| 993 | return DEFAULT_SYNC_REFRESH_PERIOD; | ||
| 994 | } | ||
| 995 | |||
| 996 | static inline int sysctl_sync_retries(struct netns_ipvs *ipvs) | ||
| 997 | { | ||
| 998 | return DEFAULT_SYNC_RETRIES & 3; | ||
| 999 | } | ||
| 1000 | |||
| 945 | static inline int sysctl_sync_ver(struct netns_ipvs *ipvs) | 1001 | static inline int sysctl_sync_ver(struct netns_ipvs *ipvs) |
| 946 | { | 1002 | { |
| 947 | return DEFAULT_SYNC_VER; | 1003 | return DEFAULT_SYNC_VER; |
| 948 | } | 1004 | } |
| 949 | 1005 | ||
| 1006 | static inline int sysctl_sync_ports(struct netns_ipvs *ipvs) | ||
| 1007 | { | ||
| 1008 | return 1; | ||
| 1009 | } | ||
| 1010 | |||
| 1011 | static inline int sysctl_sync_qlen_max(struct netns_ipvs *ipvs) | ||
| 1012 | { | ||
| 1013 | return IPVS_SYNC_QLEN_MAX; | ||
| 1014 | } | ||
| 1015 | |||
| 1016 | static inline int sysctl_sync_sock_size(struct netns_ipvs *ipvs) | ||
| 1017 | { | ||
| 1018 | return 0; | ||
| 1019 | } | ||
| 1020 | |||
| 950 | #endif | 1021 | #endif |
| 951 | 1022 | ||
| 952 | /* | 1023 | /* |
| 953 | * IPVS core functions | 1024 | * IPVS core functions |
| 954 | * (from ip_vs_core.c) | 1025 | * (from ip_vs_core.c) |
| 955 | */ | 1026 | */ |
| 956 | extern const char *ip_vs_proto_name(unsigned proto); | 1027 | extern const char *ip_vs_proto_name(unsigned int proto); |
| 957 | extern void ip_vs_init_hash_table(struct list_head *table, int rows); | 1028 | extern void ip_vs_init_hash_table(struct list_head *table, int rows); |
| 958 | #define IP_VS_INIT_HASH_TABLE(t) ip_vs_init_hash_table((t), ARRAY_SIZE((t))) | 1029 | #define IP_VS_INIT_HASH_TABLE(t) ip_vs_init_hash_table((t), ARRAY_SIZE((t))) |
| 959 | 1030 | ||
| @@ -1014,7 +1085,7 @@ extern void ip_vs_conn_fill_cport(struct ip_vs_conn *cp, __be16 cport); | |||
| 1014 | 1085 | ||
| 1015 | struct ip_vs_conn *ip_vs_conn_new(const struct ip_vs_conn_param *p, | 1086 | struct ip_vs_conn *ip_vs_conn_new(const struct ip_vs_conn_param *p, |
| 1016 | const union nf_inet_addr *daddr, | 1087 | const union nf_inet_addr *daddr, |
| 1017 | __be16 dport, unsigned flags, | 1088 | __be16 dport, unsigned int flags, |
| 1018 | struct ip_vs_dest *dest, __u32 fwmark); | 1089 | struct ip_vs_dest *dest, __u32 fwmark); |
| 1019 | extern void ip_vs_conn_expire_now(struct ip_vs_conn *cp); | 1090 | extern void ip_vs_conn_expire_now(struct ip_vs_conn *cp); |
| 1020 | 1091 | ||
| @@ -1184,10 +1255,8 @@ extern void ip_vs_scheduler_err(struct ip_vs_service *svc, const char *msg); | |||
| 1184 | * IPVS control data and functions (from ip_vs_ctl.c) | 1255 | * IPVS control data and functions (from ip_vs_ctl.c) |
| 1185 | */ | 1256 | */ |
| 1186 | extern struct ip_vs_stats ip_vs_stats; | 1257 | extern struct ip_vs_stats ip_vs_stats; |
| 1187 | extern const struct ctl_path net_vs_ctl_path[]; | ||
| 1188 | extern int sysctl_ip_vs_sync_ver; | 1258 | extern int sysctl_ip_vs_sync_ver; |
| 1189 | 1259 | ||
| 1190 | extern void ip_vs_sync_switch_mode(struct net *net, int mode); | ||
| 1191 | extern struct ip_vs_service * | 1260 | extern struct ip_vs_service * |
| 1192 | ip_vs_service_get(struct net *net, int af, __u32 fwmark, __u16 protocol, | 1261 | ip_vs_service_get(struct net *net, int af, __u32 fwmark, __u16 protocol, |
| 1193 | const union nf_inet_addr *vaddr, __be16 vport); | 1262 | const union nf_inet_addr *vaddr, __be16 vport); |
| @@ -1221,7 +1290,7 @@ extern struct ip_vs_dest *ip_vs_try_bind_dest(struct ip_vs_conn *cp); | |||
| 1221 | extern int start_sync_thread(struct net *net, int state, char *mcast_ifn, | 1290 | extern int start_sync_thread(struct net *net, int state, char *mcast_ifn, |
| 1222 | __u8 syncid); | 1291 | __u8 syncid); |
| 1223 | extern int stop_sync_thread(struct net *net, int state); | 1292 | extern int stop_sync_thread(struct net *net, int state); |
| 1224 | extern void ip_vs_sync_conn(struct net *net, struct ip_vs_conn *cp); | 1293 | extern void ip_vs_sync_conn(struct net *net, struct ip_vs_conn *cp, int pkts); |
| 1225 | 1294 | ||
| 1226 | 1295 | ||
| 1227 | /* | 1296 | /* |
| @@ -1356,7 +1425,7 @@ static inline void ip_vs_notrack(struct sk_buff *skb) | |||
| 1356 | struct nf_conn *ct = nf_ct_get(skb, &ctinfo); | 1425 | struct nf_conn *ct = nf_ct_get(skb, &ctinfo); |
| 1357 | 1426 | ||
| 1358 | if (!ct || !nf_ct_is_untracked(ct)) { | 1427 | if (!ct || !nf_ct_is_untracked(ct)) { |
| 1359 | nf_reset(skb); | 1428 | nf_conntrack_put(skb->nfct); |
| 1360 | skb->nfct = &nf_ct_untracked_get()->ct_general; | 1429 | skb->nfct = &nf_ct_untracked_get()->ct_general; |
| 1361 | skb->nfctinfo = IP_CT_NEW; | 1430 | skb->nfctinfo = IP_CT_NEW; |
| 1362 | nf_conntrack_get(skb->nfct); | 1431 | nf_conntrack_get(skb->nfct); |