summaryrefslogtreecommitdiff
path: root/Documentation/networking
diff options
context:
space:
mode:
authorAlex Gartrell <agartrell@fb.com>2015-09-14 23:23:05 -0700
committerSimon Horman <horms@verge.net.au>2015-09-17 11:50:02 +0900
commit4e478098ac0ac1b6ef9a70fcdc2ec8b93f1b59a1 (patch)
tree0c31ff5b8ccae065724c0f729d07188ba1f25137 /Documentation/networking
parent5e26b1b3abce05c177feb589260031519a1bc7b1 (diff)
ipvs: add sysctl to ignore tunneled packets
This is a way to avoid nasty routing loops when multiple ipvs instances can forward to eachother. Signed-off-by: Alex Gartrell <agartrell@fb.com> Signed-off-by: Simon Horman <horms@verge.net.au>
Diffstat (limited to 'Documentation/networking')
-rw-r--r--Documentation/networking/ipvs-sysctl.txt10
1 files changed, 10 insertions, 0 deletions
diff --git a/Documentation/networking/ipvs-sysctl.txt b/Documentation/networking/ipvs-sysctl.txt
index 3ba709531adb..e6b1c025fdd8 100644
--- a/Documentation/networking/ipvs-sysctl.txt
+++ b/Documentation/networking/ipvs-sysctl.txt
@@ -157,6 +157,16 @@ expire_quiescent_template - BOOLEAN
persistence template if it is to be used to schedule a new
connection and the destination server is quiescent.
+ignore_tunneled - BOOLEAN
+ 0 - disabled (default)
+ not 0 - enabled
+
+ If set, ipvs will set the ipvs_property on all packets which are of
+ unrecognized protocols. This prevents us from routing tunneled
+ protocols like ipip, which is useful to prevent rescheduling
+ packets that have been tunneled to the ipvs host (i.e. to prevent
+ ipvs routing loops when ipvs is also acting as a real server).
+
nat_icmp_send - BOOLEAN
0 - disabled (default)
not 0 - enabled