Mailing List Archive

Hello,

On Tue, 19 Dec 2000, Anmol Sheth wrote:

> Hi everybody,
> We were looking at the LVS code and could not figure out the
> masquerading part i.e. the reply from the real server to the clent. We
> also traced through the ip_queue_xmit() function whci was not of much
> help.
> We could not figure which portion of the Linux networking code handles
> the maquerading part.
> We are running LVS - NAT on a 0.9.12-2.2.14 ipvs on a 2 machine
> network with the real server configured on the loopback of the virtual
> server. Even ip_masquerade() does not seem to change the ip entries in
> the packet.

You don't provide any information for your setup. There are so
many possible reasons the networking not to work in the "expected" way.

echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/eth0/send_redirects

There is no such function ip_masquerade. The path is:

drivers/net/<PACKET_DRIVER>.c
The packet driver calls netif_rx()

net/core/dev.c:netif_rx()
enqueue packet in backlog

net/core/dev.c:net_bh()
call ip_rcv() for IP protocol

net/ipv4/ip_input.c:ip_rcv()
- defragmentation
- input packet filter (firewall)
- ip_route_input() decides what function to call loading
skb->dst->input with ip_local_deliver (LOCAL_IN) or
ip_forward (FORWARD)
- call skb->dst->input() => ip_local_deliver()/ip_forward()


1. Demasquerading (out -> in)

ip_input.c:ip_local_deliver()
ip_masq.c:ip_fw_demasquerade()

I.e.

-> routing -> LOCAL_IN -> LVS/MASQ

2. Masquerading (in -> out)

ip_forward.c:ip_forward()
ip_masq.c:ip_fw_masquerade()

I.e.

-> routing -> FORWARD -> LVS/MASQ


> Could someone please suggest as to where exactly is the ip address changed back to that of the vip when the packet arrives from the real server to the VS.

net/ipv4/ip_masq.c:ip_fw_masquerade():

/*
* Set iph addr and port from ip_masq obj.
*/
iph->saddr = ms->maddr;
h.portp[0] = ms->mport;

> Thanx in advance,
> Anmol Sheth.


Regards

--
Julian Anastasov <ja@ssi.bg>