LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: [lvs-users] about NAT return path

To: <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: [lvs-users] about NAT return path
From: Martin Wheldon <martin.wheldon@xxxxxxxxxxxxxxxxxxx>
Date: Mon, 02 Feb 2015 10:02:14 +0000
Hi,

The DNAT would still need to be reversed. The client will otherwise 
drop
the packet as it won't be from the host it started the connection with.

Best Regards

Martin

On 2015-02-02 09:59, Yonghua Peng wrote:
> If it's just a DNAT forwarding for the incoming packet, I don't think
> LVS host has to keep the status of the connection.
> I am probably wrong, just by curious. And I will test for it.
>
> Thanks.
>
> Martin Wheldon wrote:
>> Hi,
>>
>> Because there will be no entry in the NAT table on the second host 
>> so
>> it won't know how to deal with the return packet.
>>
>> Best Regards
>>
>> Martin
>>
>> On 2015-02-02 09:06, Yonghua Peng wrote:
>>> Can you tell me why the realserver should use host A as the 
>>> gateway?
>>> since host A and B have the same configure, and share the same VIP, 
>>> I
>>> was thinking both A and B can be setup as the gateway.
>>>
>>> Thanks.
>>>
>>>    Ivan Havlicek wrote:
>>>> No, if a transaction start via LVS host A, the realserver need to
>>>> use
>>>> this host as gateway to respond.
>>>> This is the normal for a NAT.
>>>
>>> _______________________________________________
>>> Please read the documentation before posting - it's available at:
>>> http://www.linuxvirtualserver.org/
>>>
>>> LinuxVirtualServer.org mailing list -
>>> lvs-users@xxxxxxxxxxxxxxxxxxxxxx
>>> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
>>> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>>>
>>>
>>
>>
>> _______________________________________________
>> Please read the documentation before posting - it's available at:
>> http://www.linuxvirtualserver.org/
>>
>> LinuxVirtualServer.org mailing list - 
>> lvs-users@xxxxxxxxxxxxxxxxxxxxxx
>> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
>> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>>
>
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
>
> LinuxVirtualServer.org mailing list - 
> lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>
> !DSPAM:31,54cf4a4d101354641921266!


_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread] Current Thread [Next in Thread>