LVS
lvs-users
[Top] [All Lists]
Google
 
Web LinuxVirtualServer.org
<prev [Date] next> <prev [Thread] next>

NAT problem

from [Bill Michaelson] [Permanent Link]
To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: NAT problem
Cc: lmi@xxxxxxxxx
From: Bill Michaelson <bill@xxxxxxxx>
Date: Sat, 4 Dec 1999 10:15:55 -0500 (EST) 
I am trying to use ipvsadm for NAT.  I rebuilt the Linux 2.2.13 kernel with
the 0.9.5 package of ipvsadm support.  I configured the telnet port at the
virtual server IP to direct traffic to "daisy".  Here is a report by
ipvsadm:

$ ipvsadm -L
IP Virtual Server version 0.9.5 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port          Forward Weight ActiveConn InActConn
TCP  virtip:telnet wlc
  -> daisy:telnet                Masq    1      0          1         

Looks good so far, I think.

So I start a telnet client on fred, a box on the "outside" network which
connects to the VS thru eth1, and expect relay to occur to daisy, on eth0...

fred$ telnet virtip

I watch the activity from another box attached to both eth0 and eth1 with
a pair of tcpdump processes.  Here is what they report:

on eth1:

# tcpdump -i eth1 host daisy or virtip or \( fred and ! jujubee \)
tcpdump: listening on eth1
09:19:14.621943 fred.1061 > virtip.telnet: S 2014912000:2014912000(0) win 4096 
<mss 1460>
09:19:14.622742 daisy.telnet > fred.1061: S 3197583873:3197583873(0) ack 
2014912001 win 16384 <mss 512>
09:19:14.623062 fred.1061 > daisy.telnet: R 2014912001:2014912001(0) win 0

on eth0:

# tcpdump -i eth0 host daisy or virtip or \( fred and ! jujubee \)
tcpdump: listening on eth0
09:19:14.622128 fred.1061 > daisy.telnet: S 2014912000:2014912000(0) win 4096 
<mss 1460>
09:19:14.622606 daisy.telnet > fred.1061: S 3197583873:3197583873(0) ack 
2014912001 win 16384 <mss 512>
09:19:14.623144 fred.1061 > daisy.telnet: R 2014912001:2014912001(0) win 0


I notice that the first packet arrives at the VS (virtip) via eth1, and is
relayed to daisy as expected, BUT the packet is still identified as having
a source of fred.  As I interpret the operation of NAT, the packet should
have been modified to show a source of virtip, in order that replies from
daisy are returned via the VS.

Apparently I misunderstand something, or this release is broken.  Can anybody
help me?  Thanks in advance.

Bill Michaelson

----------------------------------------------------------------------
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
To unsubscribe, e-mail: lvs-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxx
For additional commands, e-mail: lvs-users-help@xxxxxxxxxxxxxxxxxxxxxx
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Problems with persistent client connection, Wensong Zhang
Next by Date:  Re: Problems with persistent client connection, Wensong Zhang
Previous by Thread:  Horms' method of solving the arp problem for VS-DR, Joseph Mack
Next by Thread:  Re: NAT problem, Wensong Zhang
Indexes:  [Date] [Thread] [Top] [All Lists]