Lars Ellenberg wrote: > On Mon, Oct 13, 2008 at 04:55:34PM +0200, Lars Marowsky-Bree wrote: >> On 2008-10-13T15:14:58, Lars Ellenberg <[EMAIL PROTECTED]> wrote: >> >>>> Nice idea. What happens if conntrackd is activated on a cluster and a >>>> failover >>>> occures? Shouldn't the application send a RST on its own? Anybody tried >>>> this? >>> forwarded connections will survive transparently. >> That might be a good reason for a separate "conntrackd" RA, as it'd be >> cool if we could do stateful firewall fail-over out of the box, and then >> build the "tickle" extension on top. >> >>> tickle acks provoking client side action on the sessions, >>> leading to immediate RST and re-establish may reduce the time >>> it takes the client to recognize the failover. >> Yes, really a pretty cool idea - one of those where one wonders how we >> failed to come up with it in the past ;-) > > btw, if we replicate the connection state (using contrackd), we don't > need tickle acks, we can send the RST directly using e.g. cutter (minus > its sanity check filtering out local addresses).
Well actually cutter doesn't send the RST directly, instead it sends FIN to tickle the client into responding with the correct sequence number, then follows up with RST. So it does something similar to, but distinct from, the tickle ACK trick. Florian _______________________________________________________ Linux-HA-Dev: [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha-dev Home Page: http://linux-ha.org/
