|
Jeremy Kusnetz wrote:
>
> Okay, since the global ipchains will work, I'll stick with it for now.
> ipchains -A forward -j MASQ -s 10.75.0.0/16 -d 0.0.0.0/0
>
> It's working with http/https/smtp/pop, I'm just getting that problem with
> passive ftp.
>
> In the -d 0.0.0.0/0 part of the ipchain, why is it zeros instead of the VIP?
the -d is destination, the packets you're masquerading are going to anywhere.
> Isn't the destination the VIP?
in the masquerading direction (which these rules operate on), the destination
is the client.
> I have multiple VIP interfaces on the LVS,
> could this be a problem?
I'd have to think about it. How about you try just one VIP in the meantime.
> Is it worth trying to upgrade ip_masq_ftp to the version that comes with
> 2.2.19?
no.
> Does it need things that are also in 2.2.19 kernel release?
very likely
It
> seems like that in_ports option helped one user in the archives.
only if he was running 2.2.19 :-)
Joe
--
Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
contractor to the National Environmental Supercomputer Center,
mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA
|
