|
Jeremy Kusnetz wrote:
>
> I am having problems with passive mode FTP under kernel 2.2.16 using
> LVS-NAT.
>
> When in passive mode the ftp server returns the RIP, not the VIP, and
> clients from the outside cannot see the RIP.
the director has to masquerade all LVS'ed packets from the real-servers.
Have you masqueraded the passive ftp ports?
> I've loaded ip_masq_ftp. I saw a post about running `/sbin/modprobe
> ip_masq_ftp in_ports=21`, but in_ports comes back as an invalid parameter,
this parameter is only for 2.2.19 (and presumably kernels beyond that).
> Here is how I'm starting lvs for ftp.
> ipvsadm -A -t 216.xxx.xxx.xxx:ftp -s wlc -p 540
> ipvsadm -a -t 216.xxx.xxx.xxx:ftp -R 10.75.0.9:ftp -w 5 -m
> ipvsadm -a -t 216.xxx.xxx.xxx:ftp -R 10.75.32.9:ftp -w 5 -m
> ipvsadm -a -t 216.xxx.xxx.xxx:ftp -R 10.75.64.9:ftp -w 5 -m
add
$ipchains...
The configure script will setup the ipchains rules for you
(handles passive ftp too).
Joe
--
Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
contractor to the National Environmental Supercomputer Center,
mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA
|
