[prev in list] [next in list] [prev in thread] [next in thread] 

List:       keepalived-devel
Subject:    Re: [Keepalived-devel] adding a keepalived slave causes problems.
From:       Graeme Fowler <graeme () graemef ! net>
Date:       2006-01-31 15:34:23
Message-ID: 20060131153423.mmy6b6vttfwo48wo () webmail ! graemef ! net
[Download RAW message or body]

Hi

On Tue 31 Jan 2006 15:24:28 GMT , Richard Scott <r.scott@har.mrc.ac.uk> wrote:
> I did try marking packets on Director2 with a different fwmark to 
> Director1 but it seemed to overwrite the existing fwmark and that put 
> us back at the same black hole problem ;-(

Aha. Yes indeed, I can see that - you'd have to do something like:

iptables -t mangle -I PREROUTING -p tcp -m tcp -s 0/0 \
  -d $VIP --dport $PORT \
  -m mark --mark !0x1 \
  -j MARK --set-mark 0x11

or something equally <ahem> "elegant". I'm not 100% convinced that you 
can do negation like that with the mark match module, but that's the 
semantics for the other modules which allow negation so it might work. 
If you're lucky.

Graeme




-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
Keepalived-devel mailing list
Keepalived-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/keepalived-devel
[prev in list] [next in list] [prev in thread] [next in thread]