Re: LVS-NAT and packets originating from realserver

To: " users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: LVS-NAT and packets originating from realserver
From: Joseph Mack <mack.joseph@xxxxxxx>
Date: Thu, 26 Aug 2004 09:58:43 -0400
Francois JEANMOUGIN wrote:
> Joseph Mack :
> > Horms wrote:
> >
> > >
> > > Why don't you just add an iptables NAT rule to the linux directors?
> > > That should take care of this.
> >
> > this is the method in the HOWTO
> The method in the HOWTO does not cover iptables,

it covers NAT'ing the service of interest and shows how to do it with ipchains.
Doing NAT with iptables is a simple extension of the principle and I expect
people to be able to handle the syntax themselves.

> it implies that the VIP reside as a primary IP address. 


The way I set it up, I was just looking for a way for packets to get out
from a client process on a realserver with a private IP.
I didn't care whether the packets came out with src_addr=VIP or another
IP on the outside of the director.

The solution you've shown is much neater.


Joseph Mack PhD, High Performance Computing & Scientific Visualization
LMIT, Supporting the EPA Research Triangle Park, NC 919-541-0007
Federal Contact - John B. Smith 919-541-1087 - smith.johnb@xxxxxxx
<Prev in Thread] Current Thread [Next in Thread>