netdev

[PATCH 2.6] iptables CLUSTERIP target

To: David Miller <davem@xxxxxxxxxxxxx>
Subject: [PATCH 2.6] iptables CLUSTERIP target
From: Harald Welte <laforge@xxxxxxxxxxxxx>
Date: Thu, 21 Oct 2004 00:38:28 +0200
Cc: Linux Netdev List <netdev@xxxxxxxxxxx>, Netfilter Development Mailinglist <netfilter-devel@xxxxxxxxxxxxxxxxxxx>, lmb@xxxxxxx
Mail-followup-to: Harald Welte <laforge@xxxxxxxxxxxxx>, David Miller <davem@xxxxxxxxxxxxx>, Linux Netdev List <netdev@xxxxxxxxxxx>, Netfilter Development Mailinglist <netfilter-devel@xxxxxxxxxxxxxxxxxxx>, lmb@xxxxxxx
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mutt/1.5.6+20040907i

Hi Dave!

This is the second patch, adding the 'CLUSTERIP' target to iptables. It
depends on the first 'CONNMARK' patch.

This enables you to build a static load sharing cluster between multiple
nodes - without the requirement to have a load balancer.  It uses a
series of [evil] tricks like replying with link-layer multicast addresses
to ARP requests, and using CONNMARK for stateful blocking of all traffic
not intended for the local node.

Apart from the usual netfilter-specific file additions and
Kconfig/Makefile patches, this needs to export proc_file_operations in
order to get the reference counting of certain data objects right.  I
hope this change is acceptable.

Signed-off-by: Harald Welte <laforge@xxxxxxxxxxxxx>

-- 
- Harald Welte <laforge@xxxxxxxxxxxxx>             http://www.netfilter.org/
============================================================================
  "Fragmentation is like classful addressing -- an interesting early
   architectural error that shows how much experimentation was going
   on while IP was being designed."                    -- Paul Vixie

Attachment: 2.6.9-clusterip.patch
Description: Text document

Attachment: signature.asc
Description: Digital signature
