• G
    net: kernel hookers service for toa module · aff365b6
    George Zhang 提交于
    LVS fullnat will replace network traffic's source ip with its local ip,
    and thus the backend servers cannot obtain the real client ip.
    
    To solve this, LVS has introduced the tcp option address (TOA) to store
    the essential ip address information in the last tcp ack packet of the
    3-way handshake, and the backend servers need to retrieve it from the
    packet header.
    
    In this patch, we have introduced the sk_toa_data member in the sock
    structure to hold the TOA information. There used to be an in-tree
    module for TOA managing, whereas it has now been maintained as an
    standalone module.
    
    In this case, the toa module should register its hook function(s) using
    the provided interfaces in the hookers module.
    
    TOA in sock structure:
    
    	__be32 sk_toa_data[16];
    
    The hookers module only provides the sk_toa_data placeholder, and the
    toa module can use this variable through the layout it needs.
    
    Hook interfaces:
    
    The hookers module replaces the kernel's syn_recv_sock and getname
    handler with a stub that chains the toa module's hook function(s) to the
    original handling function. The hookers module allows hook functions to
    be installed and uninstalled in any order.
    
    toa module:
    
    The external toa module will be provided in separate RPM package.
    
    [xuyu@linux.alibaba.com: amend commit log]
    Signed-off-by: NGeorge Zhang <georgezhang@linux.alibaba.com>
    Signed-off-by: NXu Yu <xuyu@linux.alibaba.com>
    Reviewed-by: NCaspar Zhang <caspar@linux.alibaba.com>
    aff365b6
sock.h 71.3 KB