I have a slightly off-topic question that still may be of interest to more people on this list.

I am running LVS/NAT with one director and multiple real servers. The director is running Linux kernel 2.4.18 from kernel.org. The director is connected to the internet through eth0 (VIP) and to a DMZ with the real servers through eth1 (DIP). Currently I am load-balancing ftp and http traffic, but to access an MSSQL server inside the DMZ I have an iptables forward (iptables -t nat -A PREROUTING -i eth0 -p tcp -d $VIP --dport 1433 -j DNAT --to $SQL01:1433) which works fine.

My question: I want the SQL server inside the DMZ (let's call it SQL_DMZ) to be able to connect to another SQL server on my (non-DMZ) network (let's call it SQL_NETW). From the director I can ping them both. So then I add an iptables forward like this: iptables -t nat -A PREROUTING -i eth1 -p tcp -d $DIP --dport 1433 -j DNAT --to $SQL_NETW:1433, expecting connections on the SQL port on the DIP interface to be routed to the SQL_NETW machine. But this does not work.
Who knows what I'm doing wrong?
Thanks,
Rutger
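As an added example that is not part of the original post, the script below parses iptables-save style output for the nat table and lists every PREROUTING DNAT forward, flagging the ones that match traffic on the internet-facing interface. The two sample rules are constructed to mirror the ones quoted above (eth0 to the DMZ SQL host, eth1 to the internal SQL host); the addresses are placeholders, and the assumption that eth0 is the only external interface follows the poster's description of the director. Such a listing is the first thing to check when a DNAT rule does not take effect (interface, destination and port must all match the packet as it arrives) and it also makes visible which database ports are reachable from outside.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample, modelled on the two rules in the post. Addresses are
# placeholders, not real hosts; the first rule uses the modern
# --to-destination spelling, the second the older --to alias from the post.
SAMPLE_NAT_RULES = """\
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -d 203.0.113.10/32 -i eth0 -p tcp -m tcp --dport 1433 -j DNAT --to-destination 192.168.10.5:1433
-A PREROUTING -d 192.168.10.1/32 -i eth1 -p tcp -m tcp --dport 1433 -j DNAT --to 10.0.0.20:1433
COMMIT
"""

# Assumption taken from the post: eth0 carries the VIP and faces the internet.
EXTERNAL_IFACES = {"eth0"}


@dataclass
class DnatRule:
    in_iface: Optional[str]   # value of -i, or None if the rule has no interface match
    proto: Optional[str]      # value of -p
    dst: Optional[str]        # value of -d without the /32 suffix
    dport: Optional[int]      # value of --dport
    to_dest: str              # value of --to-destination / --to

    @property
    def internet_exposed(self) -> bool:
        # A rule without -i matches on every interface, so it is exposed too.
        return self.in_iface is None or self.in_iface in EXTERNAL_IFACES


# "-A PREROUTING", "--dport 1433", "--to-destination 10.0.0.20:1433", ...
_OPT = re.compile(r"(--?[A-Za-z-]+)\s+(\S+)")


def _options(line: str) -> Dict[str, str]:
    return dict(_OPT.findall(line))


def parse_dnat_rules(text: str) -> List[DnatRule]:
    """Return the PREROUTING rules that jump to DNAT, in table order."""
    rules: List[DnatRule] = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line.startswith("-A PREROUTING"):
            continue
        opts = _options(line)
        if opts.get("-j") != "DNAT":
            continue
        to_dest = opts.get("--to-destination") or opts.get("--to")
        if to_dest is None:
            continue  # malformed line; iptables would have rejected it anyway
        dst = opts.get("-d")
        if dst and dst.endswith("/32"):
            dst = dst[:-3]
        dport = int(opts["--dport"]) if "--dport" in opts else None
        rules.append(DnatRule(opts.get("-i"), opts.get("-p"), dst, dport, to_dest))
    return rules


def exposed_forwards(text: str) -> List[str]:
    """Destinations reachable from the external interface, as 'port -> host:port'."""
    return [f"{r.dport} -> {r.to_dest}" for r in parse_dnat_rules(text) if r.internet_exposed]


def report(text: str) -> str:
    lines = []
    for r in parse_dnat_rules(text):
        flag = "EXTERNAL" if r.internet_exposed else "internal"
        lines.append(f"{flag:8} in={r.in_iface or '*':5} {r.proto or 'any'} "
                     f"{r.dst or 'any'}:{r.dport if r.dport is not None else 'any'} -> {r.to_dest}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(SAMPLE_NAT_RULES))
```

Run it against real output with `iptables-save -t nat | python3 dnat_audit.py` after replacing SAMPLE_NAT_RULES with `sys.stdin.read()`; a rule that is absent from the listing, or that carries a different -i, -d or --dport than the packets actually arriving, will never be hit no matter what the DNAT target says.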