LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: Packets aren't returning to host

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: Re: Packets aren't returning to host
From: Horms <horms@xxxxxxxxxxxx>
Date: Mon, 25 Aug 2003 09:10:38 +1000
On Sun, Aug 24, 2003 at 10:47:24PM +0100, Andy Harding wrote:
> I'm a newbie to LVS so I might be wrong but there is one thing I thought
> was strange about your setup...
> 
> With kernel 2.4.21 you shouldn't be setting up ipchains (or iptables)
> rules for the demasquerading as it is done by the LVS code.
> 
> Take a look here:
> http://www.linuxvirtualserver.org/Joseph.Mack/HOWTO/LVS-HOWTO.LVS-NAT.html#lvs_nat_demasquerading

I don't think that it matters much weathr you run the iptables/ipchans
rules or not. When using LVS with 2.4.x rules set in that manner effect 
the masquerading of connections initialised by the real servers and
not the masquerading of connections handled by LVS which originate
from end users.

I.e. if you have the masquerading rules in place then
your real servers can make connections to the outside world,
if you don't they can't. But in either case they should
be able to accept connections forwarded to them from the outside
world by LVS.

-- 
Horms
<Prev in Thread] Current Thread [Next in Thread>