On Thu, May 22, 2003 at 08:22:37AM -0400, Matthew Crocker wrote:
> >Horms,
> > As I know, the lvs director with NAT rewrites the destination IP
> >address for incoming packets and rewrites the source IP address for
> >outgoing packets. Thus real server must set lvs director as default
> >gateway.
> >
> > Now I wonder if the lvs director can rewrite both destination IP
> >address and source IP address for all packets. Example, director
> >replaces the destination IP address with real server's IP address and
> >replaces the source IP address with director's private address. So real
> >server doesn't have to set director as default gateway. Can lvs do it?
> >Thank you
> >
>
> Couldn't this be done at the netfilter level? Set up NAT on the
> outbound traffic for the inside interface. Kinda a reverse NAT for the
> Internet. Inbound traffic gets load balanced by LVS-NAT (i.e. the
> source stays the same but the destination becomes the real server).
> Gets routed out the LVS box and hits the netfilter NAT setup and gets
> NATed (i.e. the destination stays the same but the source gets
> rewritten to that of the LVS internal IP). The real server gets a
> packet from the LVS. This would eliminate any useful information in
> the logs but it should work.

I am still not clear on how the return packets get sent back to
the end-user if the source address of incoming packets is that
of the linux director. Also the logging information loss really
is a problem, people like their logs.
--
Horms
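
Added example, not part of the original messages and not LVS or netfilter code: a toy Python model of the double rewrite discussed above, using constructed addresses and a hypothetical FullNatDirector class. It shows that a reply can only be mapped back to the end-user through a per-connection table kept on the director, and that the real server sees only the director's inside address, which is the logging loss mentioned in the thread.

```python
# Toy model of rewriting both source and destination on the director.
# All addresses are constructed; class and method names are hypothetical.
from dataclasses import dataclass
from itertools import count

@dataclass(frozen=True)
class Packet:
    src: tuple  # (ip, port)
    dst: tuple  # (ip, port)

class FullNatDirector:
    def __init__(self, vip, inside_ip, real_servers):
        self.vip = vip                  # (ip, port) that clients connect to
        self.inside_ip = inside_ip      # director's private address
        self.real_servers = real_servers
        self._ports = count(20000)      # source ports used toward real servers
        self._rr = count()              # round-robin scheduler position
        self.by_client = {}             # client endpoint -> (inside endpoint, real server)
        self.by_inside = {}             # (inside endpoint, real server) -> client endpoint

    def inbound(self, pkt):
        """Client -> VIP: rewrite the destination and the source."""
        if pkt.dst != self.vip:
            raise ValueError("not addressed to the virtual service")
        if pkt.src not in self.by_client:
            rs = self.real_servers[next(self._rr) % len(self.real_servers)]
            inside = (self.inside_ip, next(self._ports))
            self.by_client[pkt.src] = (inside, rs)
            self.by_inside[(inside, rs)] = pkt.src
        inside, rs = self.by_client[pkt.src]
        return Packet(src=inside, dst=rs)

    def outbound(self, pkt):
        """Real server -> director: undo both rewrites using the table."""
        client = self.by_inside.get((pkt.dst, pkt.src))
        if client is None:
            return None                 # no matching connection: drop
        return Packet(src=self.vip, dst=client)

def demo():
    d = FullNatDirector(("192.0.2.10", 80), "10.0.0.1",
                        [("10.0.0.11", 80), ("10.0.0.12", 80)])
    clients = [("198.51.100.7", 40001), ("203.0.113.9", 40002)]
    seen = [d.inbound(Packet(c, d.vip)) for c in clients]   # what real servers receive
    replies = [d.outbound(Packet(p.dst, p.src)) for p in seen]
    return seen, replies
```

In this model the only place the client address survives is the director's table, so any per-client logging would have to happen there rather than on the real servers.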