On Wed, 2004-06-23 at 10:58, Brett Simpson wrote:
I have the iptables rules working but I'm having trouble with the
LVS-NAT portion.
Iptables rules:
iptables -t nat -A OUTPUT -p tcp --dport 80 -d 127.0.0.1 -j DNAT --to 207.156.7.115:80
iptables -t nat -A POSTROUTING -p tcp -d 207.156.7.115 -o eth0 --dport 80 -j SNAT --to-source 172.27.228.220
lynx http://127.0.0.1 connects fine.
fast root # ipvsadm -l -n
IP Virtual Server version 1.2.0 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.27.228.220:80 rr
  -> 127.0.0.1:80                 Local   1      0          0
lynx http://172.27.228.220 doesn't connect fine from the director and a
client (172.27.228.145).
I noticed that the Forward method is set to "Local" instead of
Masquerade.
Any ideas?
Let me try and diagram this...
        172.27.228.220
         LVS Director
  iptables NAT from 127.0.0.1:80 to 207.156.7.115:80
  LVS NAT from 172.27.228.220:80 to 127.0.0.1:80
              |
              |
              |
        172.27.228.1
          Firewall ------- 207.156.7.249 Internet
        207.156.7.1
              |
              |
              |
   207.156.7.115 on port 80
         Realserver
Thanks,
Brett