diff options
author | Simon Horman <horms@verge.net.au> | 2011-09-09 17:07:43 +0900 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2011-11-01 09:19:25 +0100 |
commit | 7e777dd43d55a78c41c3498afaf3ef7edf157120 (patch) | |
tree | 9bb6e9ac6ddaf208912bb33e78e98408ab290645 | |
parent | 52669dfa8312b7f63b963df6d01dc5513398f4c4 (diff) | |
download | linux-7e777dd43d55a78c41c3498afaf3ef7edf157120.tar.gz linux-7e777dd43d55a78c41c3498afaf3ef7edf157120.tar.bz2 linux-7e777dd43d55a78c41c3498afaf3ef7edf157120.zip |
ipvs: Add documentation for new sysctl entries
Add missing documentation for conntrack, snat_reroute and sync_version.
Also fix up a typo, IPVS_DEBUG should be IP_VS_DEBUG.
Acked-by: Julian Anastasov <ja@ssi.bg>
Acked-by Hans Schillstrom <hans@schillstrom.com>
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r-- | Documentation/networking/ipvs-sysctl.txt | 52 |
1 files changed, 51 insertions, 1 deletions
diff --git a/Documentation/networking/ipvs-sysctl.txt b/Documentation/networking/ipvs-sysctl.txt index 4ccdbca03811..1dcdd49594c4 100644 --- a/Documentation/networking/ipvs-sysctl.txt +++ b/Documentation/networking/ipvs-sysctl.txt @@ -15,6 +15,23 @@ amemthresh - INTEGER enabled and the variable is automatically set to 2, otherwise the strategy is disabled and the variable is set to 1. +conntrack - BOOLEAN + 0 - disabled (default) + not 0 - enabled + + If set, maintain connection tracking entries for + connections handled by IPVS. + + This should be enabled if connections handled by IPVS are to be + also handled by stateful firewall rules. That is, iptables rules + that make use of connection tracking. It is a performance + optimisation to disable this setting otherwise. + + Connections handled by the IPVS FTP application module + will have connection tracking entries regardless of this setting. + + Only available when IPVS is compiled with the CONFIG_IP_VS_NFCT + cache_bypass - BOOLEAN 0 - disabled (default) not 0 - enabled @@ -39,7 +56,7 @@ debug_level - INTEGER 11 - IPVS packet handling (ip_vs_in/ip_vs_out) 12 or more - packet traversal - Only available when IPVS is compiled with the CONFIG_IPVS_DEBUG + Only available when IPVS is compiled with the CONFIG_IP_VS_DEBUG Higher debugging levels include the messages for lower debugging levels, so setting debug level 2, includes level 0, 1 and 2 @@ -141,3 +158,36 @@ sync_threshold - INTEGER synchronized, every time the number of its incoming packets modulus 50 equals the threshold. The range of the threshold is from 0 to 49. + +snat_reroute - BOOLEAN + 0 - disabled + not 0 - enabled (default) + + If enabled, recalculate the route of SNATed packets from + realservers so that they are routed as if they originate from the + director. Otherwise they are routed as if they are forwarded by the + director. + + If policy routing is in effect then it is possible that the route + of a packet originating from a director is routed differently to a + packet being forwarded by the director. + + If policy routing is not in effect then the recalculated route will + always be the same as the original route so it is an optimisation + to disable snat_reroute and avoid the recalculation. + +sync_version - INTEGER + default 1 + + The version of the synchronisation protocol used when sending + synchronisation messages. + + 0 selects the original synchronisation protocol (version 0). This + should be used when sending synchronisation messages to a legacy + system that only understands the original synchronisation protocol. + + 1 selects the current synchronisation protocol (version 1). This + should be used where possible. + + Kernels with this sync_version entry are able to receive messages + of both version 1 and version 2 of the synchronisation protocol. |