#!/bin/sh #rc.horms #script by Joseph Mack and Horms (C) 1999, released under GPL. #Joseph Mack jmack@xxxxxxxx, Horms horms@xxxxxxxxxxxx #This code is part of the Linux Virtual Server project #http://www.linuxvirtualserver.org # # #Horm's method for solving the LVS arp problem for a VS-DR LVS. #Uses ipchains to redirect a packet destined for an external #machine (in this case the VIP) to the local device. #I'll put this into the HOWTO/configure script when I get back from vacation (Jan 1900) #Joe #----------------------------------------------------- #Instructions: # #1. Director: Setup normally (eg turn on LVS services there with ipvsadm). #2. Realservers: Must be running 2.2.x kernel. # 2.1 recompile the kernel (and reboot) after turning on the following under "Networking options" # Network firewalls # IP: firewalling # IP: transparent proxy support # IP: masquerading # 2.2 Setup the realserver as if it were a regular leaf node on the network, # ie with the same gateway and IP as if it were in the LVS, but DO NOT # put the VIP on the realserver. The realserver will only have its regular IP # (called the RIP in the HOWTO). #3. Edit "user configurable" stuff below" #4. Run this script #----------------------------------------------------- #user configurable stuff IPCHAINS="/sbin/ipchains" VIP="192.168.1.110" #services can be represented by their name (in /etc/services) or a number #SERVICES is a quote list of space separated strings # eg SERVICES="telnet" # SERVICES="telnet 80" # SERVICES="telnet http" #Since the service is redirected to the local device, #make sure you have SERVICE listening on 127.0.0.1 # SERVICES="telnet http" # #---------------------------------------------------- #main: #turn on IP forwarding (off by default in 2.2.x kernels) echo "1" > /proc/sys/net/ipv4/ip_forward #flush ipchains table $IPCHAINS -F input #install SERVICES for SERVICE in $SERVICES do { echo "redirecting ${VIP}:${SERVICE} to local:${SERVICE}" $IPCHAINS -A input -j REDIRECT $SERVICE -d $VIP $SERVICE -p tcp } done #list ipchain rules $IPCHAINS -L input #rc.horms----------------------------------------------