|
hi.
thanx for the fast advice. but i'm not sure you understood correctly
what i wanted. i just simply want a port-fw on vip:port1 to
webserver_1:22 and vip:port2 to webserver_2:22. because it's not very
fine to guess what server can be reached. it should be a dedicated port
(i tried 1026 to webserver_1 and 1027 forwarding to webserver_")
and it seems, that rinetd is completely overriding everything i
configured, nmap just shows nothing. and ipmasqadm won't worked on an
aliased ip (i read a posting about this fact, but it isn't verified)
clemens
Alexandre CASSEN wrote:
>
> Hi,
>
> Try this : ipchains -A forward -j MASQ -p tcp -s 192.168.200.0/24 80 -d
> 0.0.0.0/0
>
> => That way you only NAT port 80 of your realservers, all the other
> services are accessible via routing table.
>
> => You need then to set on your default gateway network router a routing
> entry to route direct traffic to IP addresses of your realserver throught
> LVS. For example if LVS loadbalance realserver pool owning IP class
> 192.168.200.0/24, if your LVS accessible IP is 192.168.100.10 then append
> something like this : ip route add 192.168.200.0/24 via 192.168.100.10 on
> your default gateway network router.
>
> Read http://keepalived.sourceforge.net QuickStart.pdf guide this is exactly
> the configuration you need.
>
> Hope it will help,
> Alexandre
>
> >the problem now is, that each of the web servers needs its own
> >ssh-access for maintainance.
> >i tried it first with rr-scheduling with just setting up one service for
> >each server, but it didn't work. the second thing i tried is with ipmasq
> >portfw, the same. the last thing i tried was rinetd, again nothing. i
> >wasn't able to access one of the webserver directly at all.
> >i set up several ipchains too, but nothing happened.
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://www.in-addr.de/mailman/listinfo/lvs-users
|
