|
Hello,
On Thu, 11 Jan 2001, Justin M. Mahoney wrote:
> echo 0 > /proc/sys/net/ipv4/conf/eth0/send_redirects
You need two lines, the missing one is:
echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
> However, even after this was done, my director was still sending out
> ICMP-redirects...?!
> Another question: one test client is at IP 192.168.1.3, on the same wire as
> everything else. When the RS arps for the address 192.168.1.3, it gets a
> reply from my client. Is it then ignoring the default gw (LVS:192.168.0.34)
> and just trying to respond directly to the client? According to the HOWTO
> this shouldn't happen, but I can't think of any other reason why my
Your RS ARPs for 192.168.1.3 because the LVS box redirects it
to this address. The HOWTO is not correct. LVS handles correctly the
ICMP messages related to existing connections but the ICMP redirect
problem is an ipchains-routing problem and it is still _not_ fixed.
This is only a masquerading problem. The dumb nat handles it correctly.
And I don't see an easy fix. The simple solution is the above two
commands.
> Is there any way to stop this madness without resorting to two NICs on my
> LVS? Two NICs is no problem, but the HOWTO states this is not necessary...
IMO, the HOWTO should be fixed.
> If anyone has similar experience/fixes please respond!
I don't have problems using one NIC with masquerading. The trick
is both ends not to have direct routes (not to share same logical
networks), the routes must point to the masq box.
> Thanks for all your help!
> Justin
Regards
--
Julian Anastasov <ja@xxxxxx>
|
