Re: [lvs-users] Best way to use source NAT?

To:	Michael Schwartzkopff <ms@xxxxxxx>
Subject:	Re: [lvs-users] Best way to use source NAT?
Cc:	"lvs-users@xxxxxxxxxxxxxxxxxxxxxx" <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
From:	Julian Anastasov <ja@xxxxxx>
Date:	Sun, 8 Nov 2015 11:21:41 +0200 (EET)

        Hello,

On Thu, 5 Nov 2015, Michael Schwartzkopff wrote:

> Hi,
> 
> I found several ways to implement source NAT on the LVS. What is the state of 
> the art way to do this? Using plain iptables or use the ipvs module of 
> iptables?
> 
> As far as I understood, with plain iptables, I need to enable 
> net.vs.conntrack?

        Yes, if Netfilter's conntrack is enabled the faster
option for IPVS is to also enable net.vs.conntrack [1]. It allows
stateful filtering (-m state) and iptables NAT. There is even
specific match for IPVS: net/netfilter/xt_ipvs.c (-m ipvs).

[1] http://marc.info/?t=134728825000003&r=1&w=2

Regards

--
Julian Anastasov <ja@xxxxxx>

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread]	Current Thread	[Next in Thread>
[lvs-users] Best way to use source NAT?, Michael Schwartzkopff Re: [lvs-users] Best way to use source NAT?, Julian Anastasov <=

Previous by Date:	Re: [lvs-users] IPVS forwards the requests to real servers for stranger VIP, Richard Scott
Next by Date:	[lvs-users] LVS : simple load balancing failover, Alexandre
Previous by Thread:	[lvs-users] Best way to use source NAT?, Michael Schwartzkopff
Next by Thread:	[lvs-users] LVS : simple load balancing failover, Alexandre
Indexes:	[Date] [Thread] [Top] [All Lists]