aboutsummaryrefslogtreecommitdiffstats
path: root/include/net
diff options
context:
space:
mode:
authorJulian Anastasov <ja@ssi.bg>2010-10-17 09:24:37 -0400
committerSimon Horman <horms@verge.net.au>2010-10-21 04:50:41 -0400
commit190ecd27cd7294105e3b26ca71663c7d940acbbb (patch)
tree0dfc3569862e260a7c35c7dee14332de4345eeba /include/net
parentcf356d69db0afef692cd640917bc70f708c27f14 (diff)
ipvs: do not schedule conns from real servers
This patch is needed to avoid scheduling of packets from local real server when we add ip_vs_in in LOCAL_OUT hook to support local client. Currently, when ip_vs_in can not find existing connection it tries to create new one by calling ip_vs_schedule. The default indication from ip_vs_schedule was if connection was scheduled to real server. If real server is not available we try to use the bypass forwarding method or to send ICMP error. But in some cases we do not want to use the bypass feature. So, add flag 'ignored' to indicate if the scheduler ignores this packet. Make sure we do not create new connections from replies. We can hit this problem for persistent services and local real server when ip_vs_in is added to LOCAL_OUT hook to handle local clients. Also, make sure ip_vs_schedule ignores SYN packets for Active FTP DATA from local real server. The FTP DATA connection should be created on SYN+ACK from client to assign correct connection daddr. Signed-off-by: Julian Anastasov <ja@ssi.bg> Signed-off-by: Simon Horman <horms@verge.net.au>
Diffstat (limited to 'include/net')
-rw-r--r--include/net/ip_vs.h3
1 files changed, 2 insertions, 1 deletions
diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h
index 0e4618470ce..9d5c1b96530 100644
--- a/include/net/ip_vs.h
+++ b/include/net/ip_vs.h
@@ -849,7 +849,8 @@ extern int ip_vs_unbind_scheduler(struct ip_vs_service *svc);
849extern struct ip_vs_scheduler *ip_vs_scheduler_get(const char *sched_name); 849extern struct ip_vs_scheduler *ip_vs_scheduler_get(const char *sched_name);
850extern void ip_vs_scheduler_put(struct ip_vs_scheduler *scheduler); 850extern void ip_vs_scheduler_put(struct ip_vs_scheduler *scheduler);
851extern struct ip_vs_conn * 851extern struct ip_vs_conn *
852ip_vs_schedule(struct ip_vs_service *svc, struct sk_buff *skb); 852ip_vs_schedule(struct ip_vs_service *svc, struct sk_buff *skb,
853 struct ip_vs_protocol *pp, int *ignored);
853extern int ip_vs_leave(struct ip_vs_service *svc, struct sk_buff *skb, 854extern int ip_vs_leave(struct ip_vs_service *svc, struct sk_buff *skb,
854 struct ip_vs_protocol *pp); 855 struct ip_vs_protocol *pp);
855 856