|
On Mon, Jan 10, 2000 at 09:30:20AM +0100, Lars Marowsky-Bree wrote:
> > This may be a silly question, but other than using NAT, which has
> > performance problems, is this possible. I tried this topology
> > with direct routing and packets from the clients were multiplexed
> > to the servers fine, but return packets from the servers to the
> > client were not routed by the IPVS box.
>
> Yes. The LVS box silently drops the return packets, since they have a src ip
> which is also bound as a local interface on the LVS. This is meant to be a
> simple anti-spoofing protection.
Ok, that makes a lot of sense.
[snip]
> > This is not a problem as such as it probably makes a lot of sense
> > on not to use an IPVS box as your gateway router,
>
> Actually it makes a lot of sense to do just that IMHO. Less points of failure,
> less hard- & software to duplicate in a failover configuration.
Agreed.
--
Horms
----------------------------------------------------------------------
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
To unsubscribe, e-mail: lvs-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxx
For additional commands, e-mail: lvs-users-help@xxxxxxxxxxxxxxxxxxxxxx
|
