[Bug 1053] New: connection tracker integration issue

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Tue Mar 1 15:41:16 CET 2016 

https://bugzilla.netfilter.org/show_bug.cgi?id=1053

            Bug ID: 1053
           Summary: connection tracker integration issue
           Product: conntrack-tools
           Version: unspecified
          Hardware: i386
                OS: All
            Status: NEW
          Severity: critical
          Priority: P5
         Component: conntrack-daemon
          Assignee: netfilter-buglog at lists.netfilter.org
          Reporter: ashvin.rathod at mobileinternet.co.in

Created attachment 476
  --> https://bugzilla.netfilter.org/attachment.cgi?id=476&action=edit
rollout steps we did on production and found VRRP stop working. Please check in
your lab and let us know the solution.

Hi,

We would like to know "primary-backup.sh" scrip behavior when we integrate with
keeplived on RHEL. Let us know each parameter trigger script call on RHEL
server to restore all iptables states and keep continue all active traffic and
iptables rules.
Is there any debugging perameter we can monitoring “primary-backup.sh” script
behavior.

Keepalived configuration perameter:-

Perameter 1: notify_master "/etc/conntrackd/primary-backup.sh primary" 
Perameter 2: notify_backup "/etc/conntrackd/primary-backup.sh backup"
Perameter 3: notify_fault "/etc/conntrackd/primary-backup.sh fault"

We had integrated above changes in keepalived and found VRRP stopped working.
So, we would like to understand exact behavior of above parameter and needs to
know it require additional configuration for example enable kernel modules ? or
iptables rules ?.


1.    Our server and package version details:-
•    OS RHEL 5.3 32bit
•    KeepAlived 1.2.15
•    libnetfilter_conntrack-1.0.1
•    conntrack-tools-1.0.1
•    Linux kernel version “2.6.18”

2.    Issue with integration as follows
•    When we set “primary-backup.sh” script perameter in keepalived.conf file
VRRP stop working and our traffic flow stopped.

We have also visited conntrack-tools website but we did not get blog or forum
site. Let us know how we can get support based on our current issue.
Let me know if you require more details.

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20160301/2567fef8/attachment.html>

More information about the netfilter-buglog mailing list