Hi.
I use two IPVS-based load-balancing boxes that are also
Netfilter/IPtables firewalls (Red Hat 7.3 + UltraMonkey kernel and
heartbeat/ldirectord/ipvsadm stuff).
I use NAT to load-balance HTTP traffic from the LB boxes to two proxies.
It looks like this:
Intranet ----+
             |
          +--+--+
          LB   LB ---+
          +--+--+    +- Proxy -+
             |       +- Proxy -+
             |                 |
Internet ----+-----------------+
The LBs and proxies are on different subnets.
I did notice (tcpdump'ing traffic between the LBs and proxies) that even with
NAT set in ldirectord.cf (Masq), traffic from Intranet clients to the proxies
arrives with the client's IP. I expected it to come masqueraded by the LB,
so that I do not have to set up routing for traffic back from the Internet to
the Intranet.
What's wrong?
PS: I can provide more detailed ASCII schema if needed...
--
Guillaume Arcas
---------------------------------------------------
The world is my representation. If there is one truth
that can be asserted, it is surely this one.
A. Schopenhauer