|
I would like to build a Linux Virtual Server using NAT and several
routers. The problem with this approach seems to be that the LVS
router changes only the destination address of IP packets and
forwards them to the real servers. The source address of the IP
packets is not changed, however. For this reason, the real servers
must use the LVS router as their default gateway. This precludes
simply using several LVS routers to address all of the real servers.
It seems that this problem could be avoided if the source address of
the IP packets were also changed, i.e. if the LVS router would also
masquerade incoming packets. If this were the case, the default route
would never be used, as all traffic would appear to be local. This can
not be achieved by simply adding an appropriate masquerading rule to
the forward chain, it seems. I assume that the IP packets rewritten by
the LVS code bypass the forward chain completely, although they are,
in a sense, being forwarded.
Wouldn't it be better to make use of masquerading in both directions,
or am I missing some vital point?
Regards
Michael Burschik
--
Michael Burschik <burschik@xxxxxxxxx>
* ID-PRO Deutschland GmbH * Am Hofgarten 20 * D-53113 Bonn
* Tel.: +49 (0) 228 - 42154-346 * Fax: -359
* http://open-for-the-better.com
|
