Commit 52793dbe3d60bd73bbebe28b2bfc9f6b4b920d4c
Committed by
Pablo Neira Ayuso
Pablo Neira Ayuso
1 parent
fe3c8cc922
Exists in
master
and in
6 other branches
ipvs: try also real server with port 0 in backup server
We should not forget to try for real server with port 0 in the backup server when processing the sync message. We should do it in all cases because the backup server can use different forwarding method. Signed-off-by: Julian Anastasov <ja@ssi.bg> Signed-off-by: Simon Horman <horms@verge.net.au> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Showing 4 changed files with 11 additions and 5 deletions Side-by-side Diff
include/net/ip_vs.h
| ... | ... | @@ -1207,7 +1207,7 @@ |
| 1207 | 1207 | extern struct ip_vs_dest * |
| 1208 | 1208 | ip_vs_find_dest(struct net *net, int af, const union nf_inet_addr *daddr, |
| 1209 | 1209 | __be16 dport, const union nf_inet_addr *vaddr, __be16 vport, |
| 1210 | - __u16 protocol, __u32 fwmark); | |
| 1210 | + __u16 protocol, __u32 fwmark, __u32 flags); | |
| 1211 | 1211 | extern struct ip_vs_dest *ip_vs_try_bind_dest(struct ip_vs_conn *cp); |
| 1212 | 1212 | |
| 1213 | 1213 |
net/netfilter/ipvs/ip_vs_conn.c
| ... | ... | @@ -616,7 +616,7 @@ |
| 616 | 616 | if ((cp) && (!cp->dest)) { |
| 617 | 617 | dest = ip_vs_find_dest(ip_vs_conn_net(cp), cp->af, &cp->daddr, |
| 618 | 618 | cp->dport, &cp->vaddr, cp->vport, |
| 619 | - cp->protocol, cp->fwmark); | |
| 619 | + cp->protocol, cp->fwmark, cp->flags); | |
| 620 | 620 | ip_vs_bind_dest(cp, dest); |
| 621 | 621 | return dest; |
| 622 | 622 | } else |
net/netfilter/ipvs/ip_vs_ctl.c
| ... | ... | @@ -619,15 +619,21 @@ |
| 619 | 619 | const union nf_inet_addr *daddr, |
| 620 | 620 | __be16 dport, |
| 621 | 621 | const union nf_inet_addr *vaddr, |
| 622 | - __be16 vport, __u16 protocol, __u32 fwmark) | |
| 622 | + __be16 vport, __u16 protocol, __u32 fwmark, | |
| 623 | + __u32 flags) | |
| 623 | 624 | { |
| 624 | 625 | struct ip_vs_dest *dest; |
| 625 | 626 | struct ip_vs_service *svc; |
| 627 | + __be16 port = dport; | |
| 626 | 628 | |
| 627 | 629 | svc = ip_vs_service_get(net, af, fwmark, protocol, vaddr, vport); |
| 628 | 630 | if (!svc) |
| 629 | 631 | return NULL; |
| 630 | - dest = ip_vs_lookup_dest(svc, daddr, dport); | |
| 632 | + if (fwmark && (flags & IP_VS_CONN_F_FWD_MASK) != IP_VS_CONN_F_MASQ) | |
| 633 | + port = 0; | |
| 634 | + dest = ip_vs_lookup_dest(svc, daddr, port); | |
| 635 | + if (!dest) | |
| 636 | + dest = ip_vs_lookup_dest(svc, daddr, port ^ dport); | |
| 631 | 637 | if (dest) |
| 632 | 638 | atomic_inc(&dest->refcnt); |
| 633 | 639 | ip_vs_service_put(svc); |
net/netfilter/ipvs/ip_vs_sync.c
| ... | ... | @@ -740,7 +740,7 @@ |
| 740 | 740 | * but still handled. |
| 741 | 741 | */ |
| 742 | 742 | dest = ip_vs_find_dest(net, type, daddr, dport, param->vaddr, |
| 743 | - param->vport, protocol, fwmark); | |
| 743 | + param->vport, protocol, fwmark, flags); | |
| 744 | 744 | |
| 745 | 745 | /* Set the approprite ativity flag */ |
| 746 | 746 | if (protocol == IPPROTO_TCP) { |