Hello,
On Fri, 15 Feb 2002, Mark Weaver wrote:
> out. I'm assuming that LVS is mangling the packets, thinking erroneously
> that they are part of a load balanced connection. If there is anyway around
Do I understand correctly, you are trying to access
directly 192.168.1.7:25 from 10.0.5.10 while at the same time
you want LVS to handle the SMTP traffic from other non-directly
attached networks (from universe)?
If yes, try with the latest 0.9.x LVS versions,
starting from 0.9.8 there is a nat_icmp_send sysctl
var that controls whether LVS should consider the real services
accessible only under its control. In your case it is not
true. IIRC, the value is 0 by default which should work for you.
This is similar to the 2.2 handling where with more specific
ipchains -s R.E.A.L -d D.E.S.T -j ACCEPT rules the masquerading
is avoided when talking to other directly attached networks and
the in->out NAT traffic is not altered from LVS.
> it that would be great, if not I'll simply assign an additional IP to the
> real servers, and use that for my nefarious purposes.
> Thanks in advance,
>
> Mark
Regards
--
Julian Anastasov <ja@xxxxxx>
|