The server is Linux 2.4.2/LVS 0.2.8/IPtables 1.2, running persistent NAT.
I've noticed two distinct problems.
1) When using SNAT on the LVS server, i.e.:
iptables -t nat -A POSTROUTING -d <realserver_ip> \
-j SNAT --to <lvs_server_ip>
the IP never gets SNAT'd. With LVS, is the POSTROUTING chain skipped?
2) When using DNAT on the realserver, i.e.:
iptables -t nat -A PREROUTING -d <virtual_ip_unused_by_lvs> \
-j DNAT --to <real_server_ip>
it works as expected - you can ssh to the virtual IP and get forwarded onto
the realserver through the LVS server. However, when you try to access a port
on the realserver which also maps to an LVS service, the response packet
never makes it back to the client. It gets lost on the LVS server.
Rob