|
On Tue, 17 Dec 2002, Leonard Soetedjo wrote:
> Hi,
>
> From the HOWTO, when using fwmark, I can set the port to be 0. Is this
> correct? Is it ok if I do that for a single port service such as telnet?
>
> for example
> iptables -t mangle -A PREROUTING -i eth0 -p tcp -s 0/0 -d VIP --dport telnet
> -j MARK --set-mark 1
> ipvsadm -a -f 1 -r RS1:0 -g -w 1
>
> Is the use of "0" not important? i.e. I can set to whatever I want?
You can set it to what ever you want. For Telnet service set it to port
23. Setting it to port 0 means ALL ports. If you set it to 0 you'll load
balance all inbound connections on every port into the real servers. This
may not be what you want. If you want to send multiple ports you can
create multiple iptables rools to mark the traffic with the same fwmark
-Matt
--
----------------------------------------------------------------------
Matthew S. Crocker
Vice President / Internet Division Email: matthew@xxxxxxxxxxx
Crocker Communications Phone: (413) 746-2760
PO BOX 710 Fax: (413) 746-3704
Greenfield, MA 01302-0710 http://www.crocker.com
----------------------------------------------------------------------
|
