LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: Problems with LVS-NAT and direct routing to network behind LVS.....

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: Re: Problems with LVS-NAT and direct routing to network behind LVS.....
From: Pawel Kisiel <tecman@xxxxxxxxxxxxxxxxxxxx>
Date: Wed, 29 Aug 2001 20:13:03 +0200 (CEST)
On Wed, 29 Aug 2001, Joseph Mack wrote:

> Pawel Kisiel wrote:
> > 
> >                 Hello.....
> > 
> >         I have working configuration of LVS-NAT on my Linux
> > box.....everything is working good except one little thing......
> > 
> >         --------------- private network
> >         |             |
> >         |10.10.0.0/24 |                         real servers
> >         ---------------       ___________       _________ network
> >                 |             |         |       |       |
> >                 |             |         |       |10.10. |
> >                 |_____________|         |_______|1.0/24 |
> >                               | LVS-NAT |       |       |
> >                          _____|         |       |       |
> >                          |    |_________|       |       |
> >                          |                      |_______|
> >                          |
> >                   _______|________
> >                   |              |
> >                   |   INTERNET   |
> >                   |              |
> >                   |______________|
> > 
> >      I have the direct routing from 10.10.0.0/24 to 10.10.1.0/24
> 
> 
> I'm confused. You have both NAT and DR? Why do you differentiate
> between in the internet and 10.10.0.0 in this diagram?
I'm not doing LVS-DR on this linux box.... I'm only doing LVS-NAT for 
10.10.1.0/24 network.... This 10.10.0.0/24 network is developers network
in my company.....and LVS-NAT and 10.10.1.0/24 are in DMZ...
        The network topology in this diagram  is familiar to real one in
my company....and to DMZ I have normal direct routing...but clients from
internet they have to have only access to LVS-NAT box.....
        But as I wrote in my last e-mail ports that are mapped on LVS-NAT 
are no longer available for people from this private network.....


        Pawel Kisiel



<Prev in Thread] Current Thread [Next in Thread>