git.baikalelectronics.ru Git - kernel.git/commit

author	Andrew Sy Kim <kim.andrewsy@gmail.com>
	Wed, 8 Jul 2020 16:16:38 +0000 (12:16 -0400)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Tue, 21 Jul 2020 23:17:59 +0000 (01:17 +0200)
commit	8739a65b7fe6ff315cbfb86d125fbacb35fe8b76
tree	c667d506f5c295992d6381398a5f4c4c0fbd6a51	tree \| snapshot
parent	4781842171ad3091ddde8064e2a23f390faf8462	commit \| diff

ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1

When expire_nodest_conn=1 and a destination is deleted, IPVS does not
expire the existing connections until the next matching incoming packet.
If there are many connection entries from a single client to a single
destination, many packets may get dropped before all the connections are
expired (more likely with lots of UDP traffic). An optimization can be
made where upon deletion of a destination, IPVS queues up delayed work
to immediately expire any connections with a deleted destination. This
ensures any reused source ports from a client (within the IPVS timeouts)
are scheduled to new real servers instead of silently dropped.

Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

include/net/ip_vs.h		diff \| blob \| history
net/netfilter/ipvs/ip_vs_conn.c		diff \| blob \| history
net/netfilter/ipvs/ip_vs_core.c		diff \| blob \| history
net/netfilter/ipvs/ip_vs_ctl.c		diff \| blob \| history