bugzilla-daemon at netfilter.org
2016-Mar-01 14:41 UTC
[Bug 1053] New: connection tracker integration issue
https://bugzilla.netfilter.org/show_bug.cgi?id=1053
Bug ID: 1053
Summary: connection tracker integration issue
Product: conntrack-tools
Version: unspecified
Hardware: i386
OS: All
Status: NEW
Severity: critical
Priority: P5
Component: conntrack-daemon
Assignee: netfilter-buglog at lists.netfilter.org
Reporter: ashvin.rathod at mobileinternet.co.in
Created attachment 476
--> https://bugzilla.netfilter.org/attachment.cgi?id=476&action=edit
rollout steps we did on production and found VRRP stop working. Please check in
your lab and let us know the solution.
Hi,
We would like to know "primary-backup.sh" scrip behavior when we
integrate with
keeplived on RHEL. Let us know each parameter trigger script call on RHEL
server to restore all iptables states and keep continue all active traffic and
iptables rules.
Is there any debugging perameter we can monitoring ?primary-backup.sh? script
behavior.
Keepalived configuration perameter:-
Perameter 1: notify_master "/etc/conntrackd/primary-backup.sh primary"
Perameter 2: notify_backup "/etc/conntrackd/primary-backup.sh backup"
Perameter 3: notify_fault "/etc/conntrackd/primary-backup.sh fault"
We had integrated above changes in keepalived and found VRRP stopped working.
So, we would like to understand exact behavior of above parameter and needs to
know it require additional configuration for example enable kernel modules ? or
iptables rules ?.
1. Our server and package version details:-
? OS RHEL 5.3 32bit
? KeepAlived 1.2.15
? libnetfilter_conntrack-1.0.1
? conntrack-tools-1.0.1
? Linux kernel version ?2.6.18?
2. Issue with integration as follows
? When we set ?primary-backup.sh? script perameter in keepalived.conf file
VRRP stop working and our traffic flow stopped.
We have also visited conntrack-tools website but we did not get blog or forum
site. Let us know how we can get support based on our current issue.
Let me know if you require more details.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20160301/2567fef8/attachment.html>
bugzilla-daemon at netfilter.org
2018-Apr-22 19:46 UTC
[Bug 1053] connection tracker integration issue
https://bugzilla.netfilter.org/show_bug.cgi?id=1053
Shane <arlenslambert at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
URL| |Arlenslambert at gmail.com
CC| |arlenslambert at gmail.com
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20180422/5b3cf642/attachment.html>
Reasonably Related Threads
- [Bug 1246] New: Log
- [Bug 1166] New: negated rule and rule with mistyped interface name looks identical in non-verbose iptables output
- [Bug 1244] New: Connection tracker fails to connect
- [Bug 1245] New: Connection tracker fails to connect
- shorewall, ucarp & conntrackd on debian