diff options
author | Alex Gartrell | 2015-09-14 23:23:05 -0700 |
---|---|---|
committer | Simon Horman | 2015-09-17 11:50:02 +0900 |
commit | 4e478098ac0ac1b6ef9a70fcdc2ec8b93f1b59a1 (patch) | |
tree | 0c31ff5b8ccae065724c0f729d07188ba1f25137 /Documentation/networking | |
parent | 5e26b1b3abce05c177feb589260031519a1bc7b1 (diff) |
ipvs: add sysctl to ignore tunneled packets
This is a way to avoid nasty routing loops when multiple ipvs instances can
forward to eachother.
Signed-off-by: Alex Gartrell <agartrell@fb.com>
Signed-off-by: Simon Horman <horms@verge.net.au>
Diffstat (limited to 'Documentation/networking')
-rw-r--r-- | Documentation/networking/ipvs-sysctl.txt | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/Documentation/networking/ipvs-sysctl.txt b/Documentation/networking/ipvs-sysctl.txt index 3ba709531adb..e6b1c025fdd8 100644 --- a/Documentation/networking/ipvs-sysctl.txt +++ b/Documentation/networking/ipvs-sysctl.txt @@ -157,6 +157,16 @@ expire_quiescent_template - BOOLEAN persistence template if it is to be used to schedule a new connection and the destination server is quiescent. +ignore_tunneled - BOOLEAN + 0 - disabled (default) + not 0 - enabled + + If set, ipvs will set the ipvs_property on all packets which are of + unrecognized protocols. This prevents us from routing tunneled + protocols like ipip, which is useful to prevent rescheduling + packets that have been tunneled to the ipvs host (i.e. to prevent + ipvs routing loops when ipvs is also acting as a real server). + nat_icmp_send - BOOLEAN 0 - disabled (default) not 0 - enabled |