LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: [lvs-users] internal network behind direct routing instead of nat.

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: Re: [lvs-users] internal network behind direct routing instead of nat.
From: Horms <horms@xxxxxxxxxxxx>
Date: Thu, 20 Jan 2000 09:50:33 -0800
On Thu, Jan 20, 2000 at 12:46:59PM -0500, tc lewis wrote:
> > The problem is that with Direct routing the reply from the real
> > server has the vip as the source address. As this is an address
> > of one of the interfaces on the director it will drop it if you
> > try and forward it through the director. It appears from
> > experimentation week with /proc/sys/net/ipv4/conf/*/rp_filter
> > that at least on 2.2.14, there is no way to turn this behaviour
> > off.
> 
> 
> ok, that makes sense, but what if i'm not forwarding through the
> director--i'd be forwarding through a separate machine altogether, without
> interfaces that match the ip of the vip.  perhaps ipchains masquerading
> rules would need to be made to accept/allow masquerading (would one even
> need masquerading, or just forwarding?) from the vip as well as/instead of
> the ips of the real servers?

If you are forwarding though another box without the interface with
the vip, and you are using routable addresses then you should
just need to turn ipv4 forwarding on. No masquerading should
be necessarry.


-- 
Horms

----------------------------------------------------------------------
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
To unsubscribe, e-mail: lvs-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxx
For additional commands, e-mail: lvs-users-help@xxxxxxxxxxxxxxxxxxxxxx

<Prev in Thread] Current Thread [Next in Thread>