ipvs: add sysctl to ignore tunneled packets

This is a way to avoid nasty routing loops when multiple ipvs instances can forward to eachother. Signed-off-by: Alex Gartrell <agartrell@fb.com> Signed-off-by: Simon Horman <horms@verge.net.au>
author: Alex Gartrell <agartrell@fb.com> 2015-09-14 23:23:05 -0700
committer: Simon Horman <horms@verge.net.au> 2015-09-17 11:50:02 +0900
commit: 4e478098ac0ac1b6ef9a70fcdc2ec8b93f1b59a1 (patch)
tree: 0c31ff5b8ccae065724c0f729d07188ba1f25137 /Documentation/networking
parent: 5e26b1b3abce05c177feb589260031519a1bc7b1 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/Documentation/networking/ipvs-sysctl.txt b/Documentation/networking/ipvs-sysctl.txt
index 3ba709531adb..e6b1c025fdd8 100644
--- a/Documentation/networking/ipvs-sysctl.txt
+++ b/Documentation/networking/ipvs-sysctl.txt
@@ -157,6 +157,16 @@ expire_quiescent_template - BOOLEAN
 	persistence template if it is to be used to schedule a new
 	connection and the destination server is quiescent.
 
+ignore_tunneled - BOOLEAN
+	0 - disabled (default)
+	not 0 - enabled
+
+	If set, ipvs will set the ipvs_property on all packets which are of
+	unrecognized protocols.  This prevents us from routing tunneled
+	protocols like ipip, which is useful to prevent rescheduling
+	packets that have been tunneled to the ipvs host (i.e. to prevent
+	ipvs routing loops when ipvs is also acting as a real server).
+
 nat_icmp_send - BOOLEAN
         0 - disabled (default)
         not 0 - enabled
author	Alex Gartrell <agartrell@fb.com>	2015-09-14 23:23:05 -0700
committer	Simon Horman <horms@verge.net.au>	2015-09-17 11:50:02 +0900
commit	4e478098ac0ac1b6ef9a70fcdc2ec8b93f1b59a1 (patch)
tree	0c31ff5b8ccae065724c0f729d07188ba1f25137 /Documentation/networking
parent	5e26b1b3abce05c177feb589260031519a1bc7b1 (diff)