|
It's a setting in your ftp daemon running on that real server - it's what
the ftp server uses to send as a response to the client doing the "PASV"
statement. In Serv-U 4 it's in *your domain* -> Settings -> Advanced Tab ->
Allove passive mode data transfers, use IP: 192.168.1.20.
I don't know WHY this works.. I just tried filling in various IP addresses
(internet legal, ,firewall inside, director outside, director inside, real
server) and only the real server one would work for me and for the hoards of
internet users trying to get to our ftp servers.
My ipvsadm for ftp looks like this:
IP Virtual Server version 1.0.6 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP vip:ftp rr
-> www01:ftp Masq 0 0 0
-> www02:ftp Masq 1 39 44
...
Where www01 and www02 are real servers 192.168.1.10 and 192.168.1.20, and
www01 is waiting for www02 to fail ;-)
Rutger
-----Original Message-----
From: Joseph Mack
Sent: Thursday, 24 October 2002 14:39
To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx;
Subject: Re: lvs-NAT ftp (Kernel 2.4.19)
Rutger van Oosten wrote:
>
> I had an issue with lvs_nat and ftp as well. What solved it for me was to
> let the real ftp servers present their own internal ip address
(192.168.1.20
> in the diagram below) as passive ip
how do you "present the internal ip address as a passive ip"?
I assume x.x.x.20 is already in the director's ipvsadm table as one
of the realservers handling ftp?
Joe
--
Joseph Mack PhD, Senior Systems Engineer, SAIC contractor
to the National Environmental Supercomputer Center,
mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA
BenQ. "Bringing Enjoyment 'N Quality to Life". Enjoyment Matters.
|
