On Tue, Oct 19, 2010 at 03:30:15PM +0200, Dirk Bonenkamp - Bean IT wrote: > Op 19-10-2010 15:19, Graeme Fowler schreef: > > On Tue, 2010-10-19 at 14:56 +0200, Dirk Bonenkamp - Bean IT wrote: > >> I still don't know what exactly the problem was with LVS-NAT... > > Very likely that iptables/netfilter conntrack module was also processing > > the VIP traffic, adding to the latency. Obviously that's only true if > > you're using a conntrack module, but this is often the default on NAT > > directors. > > > This wasn't the issue AFAIK. The conntrack modules where not loaded. > They do get loaded when adding extra NAT rules trough iptables, but when > only using LVS-NAT, they don't get loaded. The tests where done without > the modules loaded.
As a heads-up, they will be loaded in 2.6.36, and I expect there will be some performance penalty as a result. This was an oversight when the Double-NAT changes were merged. And it will be resolved in 2.6.37 - the fix has already been merged. _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - [email protected] Send requests to [email protected] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
