Re: [lvs-users] LVS + Xen + NAT

To: " users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: [lvs-users] LVS + Xen + NAT
From: "Laurentiu C. Badea (L.C.)" <lc@xxxxxxxx>
Date: Wed, 17 Sep 2008 09:59:27 -0700
Graeme Fowler wrote:
> Simple question: does the realserver (the VM, have a
> route direct back to the network?

Xen creates a virtual bridge and adds a few iptables rules to control 
access and do NAT for its clients, while the host domain becomes their 
gateway. So you have the LVS setup sitting on top of a NAT router.

I would take a look at the iptables setup and check the packet counters 
during a query, especially on reject rules. Then try to insert rules to 
make it work and make sure the ruleset is maintained across reboots (Xen 
dynamically inserts rules when the bridges are brought up).


