Re: LVS-DR with FW-Marks and different port

To:	lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject:	Re: LVS-DR with FW-Marks and different port
From:	Joseph Mack <mack.joseph@xxxxxxx>
Date:	Thu, 07 Mar 2002 16:13:50 -0500

Juergen Jaeschke wrote:
> 
> Hi,
> 
> if I try to direct services to another port
> (say incoming is VIP:180, this is fw-marked to 0xb, and i've
> set up a rule to DR packets with 0xb to RIP:80) 

how did you setup this rule? You can only change ports with VS-NAT.
With VS-DR you cannot rewrite the port.

> then i end
> up in packets to the RIP:VPORT, that is RIP:180 instead
> of RIP:80.
> 
> I tried to DNAT this service to port 80, 

I don't know who gets the packets first, LVS or DNAT.
Assuming you get it to work, the behaviour you'll get
is probably not part of the LVS spec and it may not 
work in the future. LVS has an uneasy coexistance 
with netfilter.

Joe

-- 
Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
contractor to the National Environmental Supercomputer Center, 
mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA

<Prev in Thread]	Current Thread	[Next in Thread>
LVS-DR with FW-Marks and different port, Juergen Jaeschke Re: LVS-DR with FW-Marks and different port, Joseph Mack <= Re: LVS-DR with FW-Marks and different port, Juergen Jaeschke Re: LVS-DR with FW-Marks and different port, Joseph Mack

Previous by Date:	LVS-DR with FW-Marks and different port, Juergen Jaeschke
Next by Date:	Re: Very strange behavior, Roberto Nibali
Previous by Thread:	LVS-DR with FW-Marks and different port, Juergen Jaeschke
Next by Thread:	Re: LVS-DR with FW-Marks and different port, Juergen Jaeschke
Indexes:	[Date] [Thread] [Top] [All Lists]