On Fri, 17 Aug 2001, Draschl Clemens wrote:
> hi
>
> i solved the problem by just adding an ipchain-rule:
>
> ipchains -A forward -j MASQ -p udp/tcp -s 192.168.10.0/24 -d 0.0.0.0/0
> 53
>
> you can modify the 0.0.... part to point to a specific dns. important is
> then the netmask /32, not /0. but port 53 for dns. start with porotocol
> udp, which works most of the time. tcp is used for larger packets, so
> you'll have to add these two protocols. of course, a nameserver must be
> specified on the internal servers .. ;-)
> but be carefull. running the rc.lvs_nat script flushes all the ipchains!
you can change that by setting CLEAR_IPVS_TABLES=NO
your ipvsadm tables won't be cleared either. I admit it's not a great
solution, but it's what I have for the moment. can you use ipchains-save
and ipchains-restore?
Joe
--
Joseph Mack mack@xxxxxxxxxxx
|