On Thu, May 22, 2003 at 09:56:16AM +0100, Malcolm Turnbull wrote:
> > Horms,
> > As I know, the lvs director with NAT rewrites the destination IP
> > address for incoming packets and rewrites the source IP address
> > for outgoing packets. Thus real server must set lvs director as
> > default gateway.
> > Now I wonder if the lvs director can rewrite both destination IP
> > address and source IP address for all packets. Example, director
> > replace the destionation IP address with real server's IP address
> > and replace the source IP address with director's private
> > address.So real server don't have to set director as default
> > gateway. Can lvs do it? Thank you
> I also think that would be a nice feature for LVS .. F5 call it SNAT
> (secure NAT) for daft marketing reasons and I guess 30-40% of their
> customers use it because it is so easy to configure.
> Probably not trivial to program though ?
I don't really follow how such a feature can work.
The Real Servers are still going to respond with their
own IP address and this still needs to be rewritten somehow.
That is unless there is some modification to the Real Servers.
I guess I am missing the point somewhere.
That said, It should be easy enough to implement.
Actually it might be possible to just use
an ipchains rule to do it.