> I am afraid that the method used in the patch is not native, it breaks
> on IP fragments.
> IPVS is a kind of layer-4 switching, it routes packet by checking
> layer-4 information
> such as address and port number. ip_vs_in() is hooked at
NF_IP_LOCAL_IN, so
> that all the packets received by i
hi, Wensong. Thanks for your appraise.
> I see that this patch probably makes IPVS code a bit complicated and
> packet traversing less efficiently.
In my opinion, worry about the side-effect to the packet throughput is not
necessary. First, normal packets with mark rarely appear in the
NF_IP_FO
