RE: rc.lvs_nat errors

["Lizambri, Todd" <tlizambri@xxxxxxxxxxxx>]

Thanks for all your help over the past week getting things ironed out.
Here is the iptables command I used to solve the problem and enable
connections to be initiated from my realservers (reverse NAT from
realserver through the director to the outside world).

/sbin/iptables  -t nat -A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE

where 192.168.1.0 is my private network of my DIP/realservers.



> > OK. I'll buy that...but I don't want it to do that :-).
> > I would like connections initiated from my realserver to 
> clients to NAT
> > to the VIP. I want the LVS to appear as one IP address to 
> the outside
> > world (or my DB teir or whatever). My client is seeing the 
> RIP addresses
> > and  doesn't know how to route packet back to it. Is there a way to
> > accomplish what I want inside of the LVS framework?
> 
> you can NAT out clients from the realservers, but it's not 
> connected to
> the operation of the LVS. You have to do it so that it 
> doesn't affect the LVS.
> Here's how it's done for VS-DR. You can do the same thing for VS-NAT.
> 
> http://www.linuxvirtualserver.org/Joseph.Mack/HOWTO/LVS-HOWTO-
> 13.html#ss13.10
> 
> the source address will be the primary IP on the outside of 
> the director,
> which for my script will not be the VIP. 
>

smime.p7s
Description: S/MIME cryptographic signature