I had an issue with lvs_nat and ftp as well. What solved it for me was to
let the real ftp servers present their own internal IP address (192.168.1.20
in the diagram below) as passive IP - which then obviously gets translated
by the director/ip_vs_ftp into the DMZ IP and then by the firewall into the
valid external IP. My setup:
The internet
|
|
e.f.g.h (internet legal address)
*Firewall*
a.b.c.1 (firewall address for DMZ)
|
|
a.b.c.d (DMZ address)
*Director*
192.168.1.1
|
|----------- other real servers in 192.168.1.x range
|
192.168.1.20
*Real FTP Server presenting 192.168.1.20 as passive mode IP address*
Rutger
-----Original Message-----
From: Joseph Mack
Sent: Thursday, 24 October 2002 13:57
Subject: Re: lvs-NAT ftp (Kernel 2.4.19)
Tim Cronin wrote:
>
> I've got the following setup
>
> IP Virtual Server version 1.0.6 (size=1048576)
> Prot LocalAddress:Port Scheduler Flags
> -> RemoteAddress:Port Forward Weight ActiveConn InActConn
<snip>
> TCP 172.24.1.240:ftp wlc persistent 360
> -> 192.168.1.20:ftp Masq 1 2 1
>
> within my lvs script I do...
> #load kernel modules
> modprobe ip_vs_ftp
>
> if I use ws_ftp pro my data connection keeps getting reset
>
> on ncftp I get:
> Data connection from 192.168.1.20:1464 did not originate from remote server 172.24.1.240:21!
> List failed.
fails for me too on 0.9.4/2.4.9 with ncftp using PASV, but works fine
for the standard active mode command line ftp client.
Julian,
do you know if ip_vs_ftp works in PASV mode for 2.4.x kernels?
Joe
--
Joseph Mack PhD, Senior Systems Engineer, SAIC contractor
to the National Environmental Supercomputer Center,
mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA
_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://www.in-addr.de/mailman/listinfo/lvs-users
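
The translation chain described at the top of this thread, as an added example that is not part of the original messages and not ip_vs_ftp's own code: a simplified model that rewrites the address in a 227 passive-mode reply hop by hop, then applies the strict client rule that the data endpoint must match the control-connection peer (the mismatch the quoted ncftp error reports). Assumptions: the function names are hypothetical, 172.24.1.240 from the quoted setup stands in for the DMZ address a.b.c.d, and 203.0.113.10 is a constructed stand-in for e.f.g.h.

```python
import re

# Host/port tuple of an RFC 959 reply: 227 ... (h1,h2,h3,h4,p1,p2)
PASV_RE = re.compile(r"^227 .*?\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")

def parse_pasv(reply):
    """Return (ip, port) advertised in a 227 reply, or None if malformed."""
    m = PASV_RE.match(reply.strip())
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]

def rewrite_pasv(reply, nat_map):
    """Model of one NAT hop: swap an inside IP for its outside IP, keep the port."""
    parsed = parse_pasv(reply)
    if parsed is None or parsed[0] not in nat_map:
        return reply  # not a PASV reply, or not an address this hop translates
    ip, port = parsed
    outside = nat_map[ip].replace(".", ",")
    return "227 Entering Passive Mode ({},{},{})".format(outside, port >> 8, port & 0xFF)

def translate_chain(reply, hops):
    """Apply each hop's rewrite in order (director first, then firewall)."""
    for nat_map in hops:
        reply = rewrite_pasv(reply, nat_map)
    return reply

def client_accepts(reply, control_peer_ip):
    """Strict client: the PASV address must equal the control-connection peer."""
    parsed = parse_pasv(reply)
    return parsed is not None and parsed[0] == control_peer_ip

# Constructed sample values: real server and VIP from the thread, external IP
# from the documentation range standing in for e.f.g.h.
REAL, VIP, EXTERNAL = "192.168.1.20", "172.24.1.240", "203.0.113.10"
RAW_REPLY = "227 Entering Passive Mode (192,168,1,20,5,184)"  # port 1464

if __name__ == "__main__":
    seen = translate_chain(RAW_REPLY, [{REAL: VIP}, {VIP: EXTERNAL}])
    print(seen, client_accepts(seen, EXTERNAL))
    print(RAW_REPLY, client_accepts(RAW_REPLY, EXTERNAL))
```

If any hop fails to rewrite the reply, the client sees an inside address and the strict check rejects the data connection.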