LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

LVS + SNAT/DNAT

To: "'lvs-users@xxxxxxxxxxxxxxxxxxxxxx'" <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: LVS + SNAT/DNAT
From: Robert Zwissler <RZwissler@xxxxxxxxxxxxxxx>
Date: Wed, 4 Apr 2001 16:55:07 -0500
The server is Linux 2.4.2/LVS 0.2.8/IPtables 1.2, running persistant NAT 

I've noticed two distinct problems.  1) When using SNAT on the LVS server
ie: 
iptables -t nat -A POSTROUTING -d <realserver_ip> -j SNAT --to
<lvs_server_ip> 
the IP never gets SNAT'd.  With LVS, is the POSTROUTING chain skipped?

2) When using DNAT on the realserver ie: 
iptables -t nat -A PREROUTING -d <virtual_ip_unused_by_lvs> \
 -j DNAT --to <real_server_ip> 
it works as expected - you can ssh to the virtual IP and get forwarded onto
the
realserver through the LVS server.  However, when you try to access a port 
on the realserver which also maps to a LVS service, the response packet 
never makes it back to the client.  It gets lost on the LVS server.

Rob
 


<Prev in Thread] Current Thread [Next in Thread>