Hi,
Try this:

    ipchains -A forward -j MASQ -p tcp -s 192.168.200.0/24 80 -d 0.0.0.0/0

=> That way you only NAT port 80 of your realservers; all the other
services are accessible via the routing table.
=> You then need to set a routing entry on your default gateway network
router to route direct traffic to the IP addresses of your realservers
through LVS. For example, if LVS load-balances a realserver pool owning IP
class 192.168.200.0/24 and your LVS accessible IP is 192.168.100.10, then
append something like this on your default gateway network router:

    ip route add 192.168.200.0/24 via 192.168.100.10

Read the QuickStart.pdf guide at http://keepalived.sourceforge.net; this is
exactly the configuration you need.
Hope it will help,
Alexandre
>the problem now is, that each of the web servers needs its own
>ssh-access for maintenance.
>i tried it first with rr-scheduling with just setting up one service for
>each server, but it didn't work. the second thing i tried is with ipmasq
>portfw, the same. the last thing i tried was rinetd, again nothing. i
>wasn't able to access one of the webserver directly at all.
>i set up several ipchains too, but nothing happened.
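
The following is an added example, not part of the original message: a small Python model of the two settings in the reply (the forward-chain MASQ rule on the director and the static route on the gateway), showing which realserver reply packets are masqueraded and which are simply routed. The default route "upstream", the client address 203.0.113.7 and the realserver address 192.168.200.11 are constructed, and the forward chain is assumed to have policy ACCEPT.

```python
import ipaddress

# Rule from the message:
#   ipchains -A forward -j MASQ -p tcp -s 192.168.200.0/24 80 -d 0.0.0.0/0
MASQ_RULE = {
    "proto": "tcp",
    "src": ipaddress.ip_network("192.168.200.0/24"),
    "sport": 80,
    "dst": ipaddress.ip_network("0.0.0.0/0"),
}

# Gateway routing table: the route from the message plus a constructed default.
GATEWAY_ROUTES = [
    (ipaddress.ip_network("192.168.200.0/24"), "192.168.100.10"),  # via LVS
    (ipaddress.ip_network("0.0.0.0/0"), "upstream"),               # constructed
]

def next_hop(dst, routes=GATEWAY_ROUTES):
    """Longest-prefix match, as the gateway router would do it."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, hop) for net, hop in routes if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def forward_verdict(proto, src, sport, dst, rule=MASQ_RULE):
    """'MASQ' if the rule matches, else 'ROUTE' (assumes chain policy ACCEPT)."""
    if (proto == rule["proto"]
            and ipaddress.ip_address(src) in rule["src"]
            and sport == rule["sport"]
            and ipaddress.ip_address(dst) in rule["dst"]):
        return "MASQ"
    return "ROUTE"

# Constructed reply packets leaving a realserver through the director.
SAMPLES = [
    ("tcp", "192.168.200.11", 80, "203.0.113.7"),  # HTTP reply (load-balanced)
    ("tcp", "192.168.200.11", 22, "203.0.113.7"),  # SSH reply (direct access)
    ("udp", "192.168.200.11", 80, "203.0.113.7"),  # not TCP, rule does not apply
]

if __name__ == "__main__":
    print("gateway sends 192.168.200.11 via", next_hop("192.168.200.11"))
    for pkt in SAMPLES:
        print(pkt, "->", forward_verdict(*pkt))
```

Because everything except TCP source port 80 is forwarded with the realserver's own address, every other service on the realservers is reachable through the director, so any port restriction has to be added there as separate filter rules.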