[nf-failover] Re: [RFC] ct_sync 0.15 (corrected)
laforge at netfilter.org
Sat Sep 25 09:52:53 CEST 2004
On Thu, Sep 23, 2004 at 10:42:19PM -0400, jamal wrote:
> Hi Krisztian,
> I just glanced over your code (30 sec scan) and your state machine
> doesnt allow for active/active (i.e two masters).
yes, this is not a supported mode of operation in this first
> I havent actually run it - can you confirm this is impossible?
> if ct_sync was blind i.e it just did what it was told "become master" or
> "become slave" regardless of who else is master, then it would be more
> usable - leave policy to whatever tells it to switch.
well it exactly does this, with an additional security: A master will
be downgraded to slave as soon as another master announces itself. This
is a security guard against invalid mode of operation.
- Harald Welte <laforge at netfilter.org> http://www.netfilter.org/
"Fragmentation is like classful addressing -- an interesting early
architectural error that shows how much experimentation was going
on while IP was being designed." -- Paul Vixie
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: Digital signature
Url : /pipermail/netfilter-devel/attachments/20040925/47499172/attachment.bin
More information about the netfilter-devel