Hi Everybody,
We have an LVS setup as follows:
We are running only NAT. Linux kernel version 2.2.14 running on all the
boxes. LVS version 0.9.12.
Client      192.168.1.2
Director    192.168.1.1
            10.1.1.1
RealServer  10.1.1.2
We wanted to run a client on the director. We were going through the LVS code
and the HOWTO and came across the following:
4. Gotchas
Need outside client:
The LVS functions as one machine. You must access the LVS from a
client that is NOT a member of the LVS. You cannot access an LVS
controlled service (eg http, telnet) from any of the machines in
the LVS; access from the director will hang, access from a
realserver will connect to the service locally, bypassing the LVS.
Minimum 3 machines: client, director, realserver(s)
We thought the relevant code from the ip_masq.c file is:
    /*
     * Big tappo: only PACKET_HOST (nor loopback neither mcasts)
     * ... don't know why 1st test DOES NOT include 2nd (?)
     */
    if (skb->pkt_type != PACKET_HOST || skb->dev == &loopback_dev) {
        IP_MASQ_DEBUG(2, "ip_fw_demasquerade(): packet type=%d proto=%d "
                      "daddr=%d.%d.%d.%d ignored\n",
                      skb->pkt_type,
                      iph->protocol,
                      NIPQUAD(iph->daddr));
        return 0;
    }
We would like to know if there are any implications of commenting out the
check for the loopback device, especially since we are running only NAT. Would
this allow us to have a client on the director? Are there any other loopback
checks?
Waiting in anticipation,
Aditya, Anmol, Phani.