Dear Horm and list,
Again arp problems!
Suppose Now I have a realserver with real ip=10.70.75.3. And I wish that this
realserver provide http service for the director with virtual
address=10.70.75.4 (using LVS/DR).
To prevent this realserver answer arp, I use the following iptables command:
iptables -t nat -A PREROUTING -p tcp -d 10.70.75.4 --dport 80 -j REDIRECT
--to-port 80
I think that if I have already run this command, I could not use http service
directly in this realserver. It means that if on my LAN network there is only
ONE this realserver having the virtual IP address 10.70.75.4, I CAN NOT access
any webpages from this by typing "http://10.70.75.4/" in the address bar of IE
or Netscape in any computer on the Lan. But in fact, I could . So I think that
I must have not succedded in configuring iptables to solve arp problem as Horm
described.
Can anyone please tell me how to overcome this?
--
Visit: http://www.netcenter.vn/
|