diff options
author | Janusz Krzysztofik <jkrzyszt@tis.icnet.pl> | 2007-03-26 18:03:44 -0700 |
---|---|---|
committer | David S. Miller <davem@sunset.davemloft.net> | 2007-04-25 22:28:15 -0700 |
commit | 2d771cd86d4c3af26f34a7bcdc1b87696824cad9 (patch) | |
tree | dcc026c42253c82d95167e22e658e163f1963db6 /net | |
parent | fa0b2d1d2196dd46527a8d028797e2bca5930a92 (diff) | |
download | kernel-crypto-2d771cd86d4c3af26f34a7bcdc1b87696824cad9.tar.gz kernel-crypto-2d771cd86d4c3af26f34a7bcdc1b87696824cad9.tar.xz kernel-crypto-2d771cd86d4c3af26f34a7bcdc1b87696824cad9.zip |
[IPV4] LVS: Allow to send ICMP unreachable responses when real-servers are removed
this is a small patch by Janusz Krzysztofik to ip_route_output_slow()
that allows VIP-less LVS linux director to generate packets
originating >From VIP if sysctl_ip_nonlocal_bind is set.
In a nutshell, the intention is for an LVS linux director to be able
to send ICMP unreachable responses to end-users when real-servers are
removed.
http://archive.linuxvirtualserver.org/html/lvs-users/2007-01/msg00106.html
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r-- | net/ipv4/route.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/net/ipv4/route.c b/net/ipv4/route.c index df9fe4f2e8c..cb76e3c725a 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -2396,7 +2396,7 @@ static int ip_route_output_slow(struct rtable **rp, const struct flowi *oldflp) /* It is equivalent to inet_addr_type(saddr) == RTN_LOCAL */ dev_out = ip_dev_find(oldflp->fl4_src); - if (dev_out == NULL) + if ((dev_out == NULL) && !(sysctl_ip_nonlocal_bind)) goto out; /* I removed check for oif == dev_out->oif here. @@ -2407,7 +2407,7 @@ static int ip_route_output_slow(struct rtable **rp, const struct flowi *oldflp) of another iface. --ANK */ - if (oldflp->oif == 0 + if (dev_out && oldflp->oif == 0 && (MULTICAST(oldflp->fl4_dst) || oldflp->fl4_dst == htonl(0xFFFFFFFF))) { /* Special hack: user can direct multicasts and limited broadcast via necessary interface |