Re: Real & virtual ip address confusion

To:	Julian Anastasov <ja@xxxxxx>
Subject:	Re: Real & virtual ip address confusion
Cc:	lvs-users@xxxxxxxxxxxxxxxxxxxxxx
From:	John Reuning <john@xxxxxxxxxxxxxxx>
Date:	16 Jun 2003 15:49:30 -0400

On Mon, 2003-06-16 at 15:37, Julian Anastasov wrote:
> 
>       Do you have any iptables rules? What shows ipvsadm -Ln ?

Yes, there are iptables rules for NAT support.  The real servers make
connections to servers out of the internal network.  The iptables script
and the ipvsadm output are included below.  Please let me know if
something doesn't make sense.

Thanks,

-jrr

------------------------
external=152.2.210.81
extif=eth0
intif=eth1
IPT=/sbin/iptables

$IPT -F FORWARD
$IPT -P FORWARD DROP
$IPT -F -t nat

# set up NAT
$IPT -A FORWARD -i $extif -d $external -p tcp -j ACCEPT
$IPT -A FORWARD -i $extif -o $intif -m state --state ESTABLISHED,RELATED
 -j ACCEPT
$IPT -A FORWARD -i $intif -o $extif -j ACCEPT

for host in $nodes; do
        $IPT -A FORWARD -s $host/32 -i $intif -o $extif -j ACCEPT 
done

$IPT -t nat -A POSTROUTING -o $extif -j MASQUERADE
----------------------

and the ipvsadm output:

----------------------
IP Virtual Server version 1.0.9 (size=65536)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  152.2.210.81:80 lc persistent 300
  -> 192.168.210.45:80            Masq    1      41         306       
  -> 192.168.210.44:80            Masq    1      43         220       
  -> 192.168.210.43:80            Masq    1      42         213       
  -> 192.168.210.42:80            Masq    1      43         282       
  -> 192.168.210.41:80            Masq    1      44         373       
  -> 192.168.210.40:80            Masq    1      47         305       
TCP  152.2.210.81:873 lc
  -> 192.168.210.45:873           Masq    1      2          0         
  -> 192.168.210.44:873           Masq    1      2          0         
  -> 192.168.210.43:873           Masq    1      2          0         
  -> 192.168.210.42:873           Masq    1      2          0         
  -> 192.168.210.41:873           Masq    1      2          0         
  -> 192.168.210.40:873           Masq    1      0          1         
TCP  152.2.210.81:21 lc persistent 300
  -> 192.168.210.45:21            Masq    1      67         151       
  -> 192.168.210.44:21            Masq    1      70         24        
  -> 192.168.210.43:21            Masq    1      69         204       
  -> 192.168.210.42:21            Masq    1      72         66        
  -> 192.168.210.41:21            Masq    1      70         15        
  -> 192.168.210.40:21            Masq    1      61         2180

<Prev in Thread]	Current Thread	[Next in Thread>
Real & virtual ip address confusion, John Reuning Re: Real & virtual ip address confusion, Joseph Mack Re: Real & virtual ip address confusion, John Reuning Re: Real & virtual ip address confusion, Joseph Mack Re: Real & virtual ip address confusion, John Reuning Re: Real & virtual ip address confusion, John Reuning Re: Real & virtual ip address confusion, Joseph Mack Re: Real & virtual ip address confusion, John Reuning Re: Real & virtual ip address confusion, Joseph Mack Re: Real & virtual ip address confusion, Julian Anastasov Re: Real & virtual ip address confusion, John Reuning <= Re: Real & virtual ip address confusion, Julian Anastasov Re: Real & virtual ip address confusion, John Reuning

Previous by Date:	Re: Real & virtual ip address confusion, Julian Anastasov
Next by Date:	lvs, max connections on realservers, julius
Previous by Thread:	Re: Real & virtual ip address confusion, Julian Anastasov
Next by Thread:	Re: Real & virtual ip address confusion, Julian Anastasov
Indexes:	[Date] [Thread] [Top] [All Lists]