I don't have checked the code, but does "'/usr/bin/pve-conntrack-tool', 'dump'" only dump vm conntrack, or all the host conntrack table ?
(Not sure how it could be possible for only vm currently, but if we implement different conntrack zones for each vm, it could be easy) Le ven. 16 oct. 2020 à 15:24, Mira Limbeck <[email protected]> a écrit : > > Requires the pve-conntrack-tool. On migration the conntrack information > from the source node is dumped and sent to the target node where it is > then inserted. > This helps with open connections during migration when the firewall is active. > > Signed-off-by: Mira Limbeck <[email protected]> > --- > PVE/QemuMigrate.pm | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/PVE/QemuMigrate.pm b/PVE/QemuMigrate.pm > index 11fec4b..a4e24f7 100644 > --- a/PVE/QemuMigrate.pm > +++ b/PVE/QemuMigrate.pm > @@ -1065,6 +1065,9 @@ sub phase2 { > die "unable to parse migration status '$stat->{status}' - > aborting\n"; > } > } > + > + $self->log('info', 'copy conntrack information'); > + PVE::Tools::run_command([['/usr/bin/pve-conntrack-tool', 'dump'], > [@{$self->{rem_ssh}}, '/usr/bin/pve-conntrack-tool', 'insert']]); > } > > sub phase2_cleanup { > -- > 2.20.1 > > > > _______________________________________________ > pve-devel mailing list > [email protected] > https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel > _______________________________________________ pve-devel mailing list [email protected] https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
