On Fri, Mar 7, 2014 at 3:53 AM, Ferenc Wagner <wf...@niif.hu> wrote: > Patrick Schaaf <net...@bof.de> writes: > > > 2014-03-07 11:52 GMT+01:00 Tomasz Chmielewski <t...@virtall.com>: > > > >> I was wondering if I can use ipvsadm not only for load balancing, but > >> also for "code testing". > > > > The key to such usage, is fwmark based LVS virtual hosts. You then use > > the iptables -t mangle PREROUTING to set firewall mark [...] > > Just a note: you don't *have to* use the mangle table (though oldish > kernels restrict the MARK target to the mangle table), if you don't want > to base your routing decision on fwmarks. For LVS virtual services, you > don't. > -- > Regards, > Feri. > > > I'm confused how this "iptables -t mangle -I PREROUTING -s 1.2.3.4 -j ACCEPT" sets a mark? Doesn't Tomasz need to set a mark (*-j MARK --set-mark 1)* and then tell ipvsadm to route based on fwmark? i.e.: ipvsadm -A -f 1 -s wrr -p 80 ?
Cheers, Alex _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org Send requests to lvs-users-requ...@linuxvirtualserver.org or go to http://lists.graemef.net/mailman/listinfo/lvs-users
