|
On Mon, 2008-11-10 at 19:42 +0200, Cristi wrote:
> I have a LVS NAT setup running for some time now. I want, for management
> issues, that connections to the VIP from a certain host (i don't even
> need granularity) to always be redirected to RS01, for example.
> If this cannot be done via ipvs, could you please sugest another course
> of action?
Combine netfilter marks (fwmarks) and a virtual service based on mark
values instead of VIP.
Catch packets from 1.2.3.4 destined for the VIP service port and set a
mark:
iptables -t mangle -I INPUT -s 1.2.3.4/32 -d $VIP \
-p tcp --dport $VIP_PORT -j MARK --set-mark 0x1234
ipvsadm -A -f 0x1234
ipvsadm -a -f 0x1234 -r 192.168.10.1:0 -m
This way, hopefully, all packets from 1.2.3.4 will end up being handled
by 192.168.0.10 only. Give it a try.
Graeme
|
