I have a LVS config using NAT. A LVS front-ends a real web server on a
private LAN. I want to be able to use the web server directly from
systems on the LAN. Since the DNS points www references to the LVS IP,
the HTTP requests arrive (via the LVS) at the real server OK, but the
server tries to send the reply directly to the client on the LAN,
instead of back thru the LVS to get masqueraded, because its routing
table says that's the intelligent way to go.
OK, so I fooled it by adding a routing table entry on the real web server
to ship stuff to a specific client via the LVS. Now I can web surf from
the client, but it sucks to have all traffic (besides web) from the server
to that client go thru the LVS router. Pity I can't but more detailed
rules in the routing table on the client.
Another problem: I can't get run a browser on the real web server to see
its own content. Same problem - the reply packets from the server don't
get masqueraded... In this case, they never even leave the box, I suppose,
and there is no way to fudge it as I described above.
Now, I'm thinking of setting up an HTTP proxy in an "outside" box to work
around this.
Is there a better way?
----------------------------------------------------------------------
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
To unsubscribe, e-mail: lvs-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxx
For additional commands, e-mail: lvs-users-help@xxxxxxxxxxxxxxxxxxxxxx
|