netfilter: establish portforward/DNAT while request-attempt
From: peter pilsl (pilsl_at_goldfisch.at)
Date: 03/25/05
- Next message: ashran111_at_hotmail.com: "Re: Setting up wireless itnernet connection"
- Previous message: Stephen J. Bevan: "Re: VPN client for linux without compiling kernel"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Fri, 25 Mar 2005 19:35:45 +0100
What happens if I redirect a request from one listening daemon to
another while a client is actually starting a request.
Lets assume two identically configured apaches on two different ip's.
One is the master and the other one is the backupdaemon.
When I introduce a DNAT-rule to redirect traffic from master to backup
then the backup takes over. Everything is working fine. But what happens
if I introduce the DNAT-rule while a client-request is in progress?
The master gets first half of the request and the backupserver gets the
second half. Is this something to worry about? Is there something I can
do against it using more complicated netfilter rules and the syn-flag?
The applications running on the webserver are alle stateaware by
themselfs by urls and/or cookies. So there is no stateawarness done by
the server. This is not the problem.
And the same problem applies to other daemons like ftp or ssh. I'd like
to be able to switch seamlessely between different daemons on the same
machine or even between different machines.
thnx,
peter
-- http://www.goldfisch.at/know_list
- Next message: ashran111_at_hotmail.com: "Re: Setting up wireless itnernet connection"
- Previous message: Stephen J. Bevan: "Re: VPN client for linux without compiling kernel"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
