LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: Problems with 2.4.2

To: Tao Zhao <taozhao@xxxxxxxxxx>
Subject: Re: Problems with 2.4.2
Cc: <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
From: Julian Anastasov <ja@xxxxxx>
Date: Fri, 17 Aug 2001 02:05:35 +0000 (GMT)
        Hello,

On Thu, 16 Aug 2001, Tao Zhao wrote:

> Why do you need ipchains for masquerading? I think LVS (director) will do
> this automatically because it tracks all incoming connections, change
> the dest according to scheduling decisions, and change the src addr when
> replies go through the director. Correct me if I am wrong.

        No way. You are right :) ipchains rule is needed in 2.4
only for non-LVS traffic, eg. for simple ping. LVS listens on the
FORWARD chain and can feed itself with the NAT replies. In 2.2 it is
done from the ipchains code.

> -Tao
>
> On 16 Aug 2001, Kjetil Torgrim Homme wrote:
>
> > I'm using Red Hat's stock kernel from 7.1, and use ipvsadm from
> > Powertools 7.1.
> >
> > The LVS is set up like this:
> >
> >   ipvsadm -A -t lvs:http -s rr
> >   ipvsadm -a -t lvs:http -r rs1:80 -m -w 1
> >   ipvsadm -a -t lvs:http -r rs2:80 -m -w 1
> >
> > The director has two network interfaces, one public and one private.
> > The two real servers are connected to a hub in the private net.  There
> > are no firewall rules.  The masquerading is set up using ipchains.
> >
> >   ipchains -A forward -j MASQ -s 10.218.128.0/24 -d 0.0.0.0/0


Regards

--
Julian Anastasov <ja@xxxxxx>



<Prev in Thread] Current Thread [Next in Thread>