|
Malcolm Turnbull wrote:
>
> Does it do any harm to turn of ICMP re-directs for all modes NAT,TUN & DR ?
Although the icmp chapter doesn't go into this (it's handled in the
sections for each forwarding method), the reason you want icmp redirects
off is to stop the realserver finding a different default gw than you
tell it. This really is only a problem for one-network LVS-NAT.
icmp redirects are useful. I personally would leave them on unless
you've got a good reason to turn them off. One day in the distant
future, you're going to rearrange your setup and suddenly it won't
work anymore and you're going to have the devil of a time figuring
out why.
The answer to your question is that if the nodes know the routes
then you don't need icmp redirects and you can turn them off.
Joe
--
Joseph Mack PhD, High Performance Computing & Scientific Visualization
LMIT, Supporting the EPA Research Triangle Park, NC 919-541-0007
Federal Contact - John B. Smith 919-541-1087 - smith.johnb@xxxxxxx
|
