ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1 - starfive-tech/linux.git - StarFive Tech Linux Kernel for VisionFive (JH7110) boards (mirror)

diff options

author	Andrew Sy Kim <kim.andrewsy@gmail.com>	2020-07-08 19:16:38 +0300
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2020-07-22 02:17:59 +0300
commit	35dfb013149f74c2be1ff9c78f14e6a3cd1539d1 (patch)
tree	c667d506f5c295992d6381398a5f4c4c0fbd6a51 /net/netfilter/nf_nat_core.c
parent	336f531ab17c3f480f8289d26c35bd48302ed085 (diff)
download	linux-35dfb013149f74c2be1ff9c78f14e6a3cd1539d1.tar.xz

ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1

When expire_nodest_conn=1 and a destination is deleted, IPVS does not expire the existing connections until the next matching incoming packet. If there are many connection entries from a single client to a single destination, many packets may get dropped before all the connections are expired (more likely with lots of UDP traffic). An optimization can be made where upon deletion of a destination, IPVS queues up delayed work to immediately expire any connections with a deleted destination. This ensures any reused source ports from a client (within the IPVS timeouts) are scheduled to new real servers instead of silently dropped. Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com> Signed-off-by: Julian Anastasov <ja@ssi.bg> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Diffstat (limited to 'net/netfilter/nf_nat_core.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: