On Fri, Mar 7, 2014 at 9:26 AM, Tomasz Chmielewski <t...@virtall.com> wrote:
> On Fri, 7 Mar 2014 09:18:48 -0800 > Alex Attarian <u2sas...@gmail.com> wrote: > > > I'm confused how this "iptables -t mangle -I PREROUTING -s 1.2.3.4 -j > > ACCEPT" sets a mark? Doesn't Tomasz need to set a mark (*-j MARK > > --set-mark 1)* and then tell ipvsadm to route based on fwmark? i.e.: > > ipvsadm -A -f 1 -s wrr -p 80 ? > > "iptables -t mangle -I PREROUTING -s 1.2.3.4 -j ACCEPT" doesn't set any > mark, and that's exactly why it works: any rules setting the mark > later on are simply ignored, and requests from 1.2.3.4 hit the > webserver on this director/realserver. > > One more thing I had to do was temporarily switching off this > realserver for the ldirectord (by simply setting the testpage/request to > give a bogus answer), but leaving it working otherwise. > > This way, all client traffic gets directed to the healthy realserver, > while 1.2.3.4 can test the code on the other (seemingly offline for > ldirectord) realserver. > > -- > Tomasz Chmielewski > http://wpkg.org > Sorry I missed the part where your director is also a real server... My other thought was also fw marks only exist in the kernel of the machine and never leave the machine, that's why it confused me why you were doing this also on the real server. Never mind :) _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org Send requests to lvs-users-requ...@linuxvirtualserver.org or go to http://lists.graemef.net/mailman/listinfo/lvs-users
