|
Hello Marco,
Marco Lorig wrote:
Hi Roberto,
thanks for this reply.
I do not know much about iptables syntax and configuration.
As long as you don't get an error you're fine :)
I copied your iptables syntax and set it up.
Good.
Is there anything to set up with iptables or these four lines are all what i
need?
I would think so.
I ask this, because everything looks fine, iptables and ipvsadm on my LVS but
nothing happens.
Could you, just for the sake of the 2n-eyes (I hope there are no cyclones here)
principle port following output before the connection attempt from 10.1.1.1 and
after?
iptables -t mangle -n -L
ipvsadm -L -n
Which means, it looks like ipvsadm or iptables, maybe both do not care about
the packets.
ipvsadm certainly doesn't care about packets, it's only there to setup the
"rules" for the packets. Dito for iptables. It's the userspace tool for the
netfilter framework.
If i tried telnet from 10.1.1.1 to the VIP and i got the login from the
> LVS-Director, not the login from the RealServer 10.1.5.7 as i expect.
Mhh, strange, let's see the output.
iptables -t mangle -n -L PREROUTING is similar to yours.
It should be the same according to the network design you gave me last time.
ipvsadm -L -n dto.
Alternatively you could try to setup the fwmark packets like Horms wrote but as
he correctly states this shouldn't make any difference.
Regards,
Roberto Nibali, ratz
--
echo '[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq' | dc
| 