|
On Wed, 10 Sep 2008, Zack Gilburd wrote:
> Greetings,
>
> Here is essentially how my setup works. All internal IPs are on the
> same subnet.
If you want the VIP to be an internal IP, look in the HOWTO
for "one network LVS-NAT"
> 1) CIP conencts to External IP
> 2) External IP - Linux Gateway uses DNAT to send packets to internal VIP
I would be surprised if you can DNAT and LVS-NAT at the same
time.
> 3) VIP sends packets to internal (web) RIP.
> 4) RIP responds to external IP
> 5) Packet arrives at gateway, gateway SNAT rule is in place to make
> source external IP that was requested by client
LVS-NAT does it's own NAT'ing. To get LVS-NAT to work, you
should start with no iptables rules at all.
> 6) Instead of the gateway applying the SNAT rule, it sends packet out
> over external connection with RIP as the source.
don't use iptables rules
Joe
--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!
|
