Assuming you have two hosts with inner IPs, say
10.1.0.1 (host1) and 10.1.0.2 (host2), and outer IPs, say
138.253.12.1 (host1) and 138.253.12.2 (host2), then add the
following lines to your iptables:
on host 1
iptables -A INPUT -s 10.1.0.2 -d 224.0.0.18 -p 112 -j ACCEPT
iptables -A INPUT -s 138.253.12.2 -d 224.0.0.18 -p 112 -j ACCEPT
on host 2
iptables -A INPUT -s 10.1.0.1 -d 224.0.0.18 -p 112 -j ACCEPT
iptables -A INPUT -s 138.253.12.1 -d 224.0.0.18 -p 112 -j ACCEPT
Ensure that you have multicast enabled; netstat -g should give you
something such as
# netstat -g
IPv6/IPv4 Group Memberships
Interface       RefCnt Group
--------------- ------ ---------------------
lo              1      ALL-SYSTEMS.MCAST.NET
eth0            4      VRRP.MCAST.NET
eth0            1      ALL-SYSTEMS.MCAST.NET
eth1            4      VRRP.MCAST.NET
eth1            1      ALL-SYSTEMS.MCAST.NET
On Wed, 2003-07-02 at 13:32, Glyn Humphreys wrote:
> Does anyone have a strong iptables for use on two keepalived director
> machines.
>
> Ours seems to be stopping the communication between them even though
> they have unlimited access between the two.
>
> Information on which ports will sort this would be appreciated, we
> only use port 80 for HTTP, and 25 for outbound SMTP.
>
> Cheers,
>
> Glyn Humphreys
--
Tiscover Travel Information Systems AG
www.tiscover.com The Travel Network
Maria-Theresien-Strasse 55 - 57
A-6010 Innsbruck/Tirol/Austria
fon +43 512 5351 777 fax 600
Fingerprint 707D 4D0E D21A C526 51C6 CBAA F7EC 3FE8 133A A0C7
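
Added example, not part of the original message: a shell sketch of the two checks described in the reply, printing the protocol-112 ACCEPT rules for a host's peers and flagging interfaces that netstat -g does not list in the VRRP group. The function names and the sample netstat output are constructed for illustration; matching the numeric 224.0.0.18 form assumes output from netstat -gn.

```shell
#!/bin/sh
# Added illustration; helper names and sample data are constructed.

# Print (do not apply) one INPUT rule per peer address so that VRRP
# advertisements (IP protocol 112, multicast group 224.0.0.18) are accepted.
vrrp_rules() {
    for peer in "$@"; do
        case "$peer" in
            ''|*[!0-9.]*) echo "bad peer address: $peer" >&2; return 2 ;;
        esac
        printf 'iptables -A INPUT -s %s -d 224.0.0.18 -p 112 -j ACCEPT\n' "$peer"
    done
}

# Read `netstat -g` output on stdin and print each interface named in "$@"
# that has not joined the VRRP group. Returns 1 if any interface is missing.
missing_vrrp_ifaces() {
    joined=$(awk '$3 == "VRRP.MCAST.NET" || $3 == "224.0.0.18" { print $1 }')
    rc=0
    for ifc in "$@"; do
        if ! printf '%s\n' "$joined" | grep -qxF "$ifc"; then
            printf '%s\n' "$ifc"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample: eth1 has NOT joined the VRRP group here.
sample_netstat_g() {
    cat <<'EOF'
IPv6/IPv4 Group Memberships
Interface       RefCnt Group
--------------- ------ ---------------------
lo              1      ALL-SYSTEMS.MCAST.NET
eth0            4      VRRP.MCAST.NET
eth0            1      ALL-SYSTEMS.MCAST.NET
eth1            1      ALL-SYSTEMS.MCAST.NET
EOF
}

# Rules for host1: its peer is host2 (inner and outer address).
vrrp_rules 10.1.0.2 138.253.12.2
# On a live director, replace sample_netstat_g with: netstat -g
sample_netstat_g | missing_vrrp_ifaces eth0 eth1 \
    || echo "interfaces above are not in the VRRP multicast group" >&2
```

The rules are only printed, so they can be reviewed before being applied on each director.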