Sorry! The ipchains rule in my previous message had a mistake;
this message is correct.
=============================================
Hi all:
I have implemented a virtual server program with direct routing
at the application level using raw sockets.
When I test the virtual services (like http), the program receives
the request or data packets sent from the client and translates the dst
MAC address to that of a real server. Then it sends them out through a
raw socket too.
But the problem is that even when I turn off the httpd on the load
balancer itself, the load balancer still sends a packet with the 'RST'
flag in the TCP header to tell the client that she has no such '80 service'.
So the client will receive 2 response packets: one is the RST packet
from the load balancer, and the other is the normal response packet from
the real server.
Therefore, the client will be confused and the connection fails.
I think a solution is setting an ipchains rule like this:
ipchains -A output -p tcp -s 0/0 80 -d <the client ip> -j DENY
^^^^^^^^^^^^^
It does stop the RST packet from load balancer to real server and makes
http services run normally!
How do I control and stop the RST response packet sent from the load
balancer in an app-level program?
Does someone have a good suggestion for me? Thank you very much!
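
An added example, not part of the original message: a C sketch of the two frames described above, the forwarded frame whose only change is the destination MAC, and the TCP RST from source port 80 that the balancer's own stack emits. All function names are hypothetical and the sample frame is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define ETH_HLEN 14
#define TCP_RST  0x04

/* Direct-routing forward step: overwrite only the destination MAC (first 6
 * bytes of the Ethernet header); the IP and TCP headers stay untouched. */
int rewrite_dst_mac(uint8_t *frame, size_t len, const uint8_t mac[6])
{
    if (len < ETH_HLEN) return -1;
    memcpy(frame, mac, 6);
    return 0;
}

/* 1 if the frame is IPv4 TCP with RST set and the given source port,
 * 0 if it is not, -1 if it is truncated or malformed. */
int is_tcp_rst_from_port(const uint8_t *frame, size_t len, uint16_t sport)
{
    if (len < ETH_HLEN + 20) return -1;
    if (frame[12] != 0x08 || frame[13] != 0x00) return 0;  /* not IPv4 */
    const uint8_t *ip = frame + ETH_HLEN;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;
    if ((ip[0] >> 4) != 4 || ihl < 20) return -1;
    if (ip[9] != 6) return 0;                               /* not TCP */
    if (len < ETH_HLEN + ihl + 20) return -1;
    const uint8_t *tcp = ip + ihl;
    uint16_t src = (uint16_t)((tcp[0] << 8) | tcp[1]);
    return (src == sport && (tcp[13] & TCP_RST)) ? 1 : 0;
}

/* Constructed sample: minimal Ethernet/IPv4/TCP frame, checksums left zero. */
size_t build_sample(uint8_t *buf, uint16_t sport, uint8_t flags)
{
    memset(buf, 0, 54);
    buf[12] = 0x08;                    /* EtherType 0x0800 = IPv4 */
    buf[14] = 0x45;                    /* version 4, IHL 5 */
    buf[23] = 6;                       /* protocol TCP */
    buf[34] = (uint8_t)(sport >> 8);
    buf[35] = (uint8_t)sport;
    buf[46] = 0x50;                    /* TCP data offset 5 */
    buf[47] = flags;
    return 54;
}

int main(void)
{
    uint8_t f[54];
    return is_tcp_rst_from_port(f, build_sample(f, 80, 0x14), 80) == 1 ? 0 : 1;
}
```

The ipchains rule in the message matches on protocol, source port and destination only, so it is broader than this RST test: it denies every TCP packet the balancer's own stack sends from port 80 to that client.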