Revert "Make iptables rules use RETURN instead of ACCEPT (#362/#61)" - vyatta-wanloadbalance.git - vyatta wan load balance project (mirror of https://github.com/vyos/vyatta-wanloadbalance.git)

diff options

author	Alex Harpin <development@landsofshadow.co.uk>	2015-10-25 10:02:59 +0000
committer	Alex Harpin <development@landsofshadow.co.uk>	2015-10-25 10:02:59 +0000
commit	0a8064a21b0708c3039f91587f05773e783dae98 (patch)
tree	148b524c7863c8346938f69c511a2532876086ea /src/hosttool.cpp
parent	34a947fb5ae76092c08a19f7ef693113d4c171f3 (diff)
download	vyatta-wanloadbalance-0a8064a21b0708c3039f91587f05773e783dae98.tar.gz vyatta-wanloadbalance-0a8064a21b0708c3039f91587f05773e783dae98.zip

Revert "Make iptables rules use RETURN instead of ACCEPT (#362/#61)"

This reverts commit e9001877d3bbdd5c4c48f0ccc088bd381d0b92dc. Since the upstream change in the kernel from 3.6 onwards, where the ipv4 routing cache has has been removed due to performance bottlenecks and the fact that it was reasonable easy to launch denial of service attackes (it was designed in friendlier times), the kernel now reverts back to round-robin per packet routing rather than per flow as it was previously, with the result that this commits breaks load-balancing with two active routes. http://git.kernel.org/cgit/linux/kernel/git/davem/net-next.git/commit/?id=89aef8921bfbac22f00e04f8450f6e447db13e42 Bug #344 http://bugzilla.vyos.net/show_bug.cgi?id=344

Diffstat (limited to 'src/hosttool.cpp')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: