|
On Tue, Aug 26, 2003 at 01:26:18PM +0200, Kjetil Torgrim Homme wrote:
> [Horms]:
> >
> > That should work pretty well and could be done quite cleanly using
> > an fwmark virtual service. The only potential problem would be if
> > you were getting a _lot_ of mail from one IP address over multiple
> > connections as they probably would all end up on one real server.
>
> I'll look into this, thank you for the tip.
Actually, on reflection I am not sure that it will work as
the Linux Director won't know anything about a connection
that was intialiased by the Real Server, and thus will
close the connection with the return packet comes in,
regardless of persistancy settings.
Of course it would work just fine in an LVS-NAT situation :)
>
> > On the other hand, I wonder if it would be possible to issue the
> > ident request with the RIP instead of the VIP.
>
> in the IDENT protocol, only the source and destination ports are
> given. the source and destination IP addresses are taken from the
> IDENT connection, so our IDENT client must use VIP as its source
> address.
Bother
--
Horms
|
