|
On Mon, Mar 28, 2005 at 09:16:21AM +1000, Con Tassios wrote:
> With RHEL3 you can install the arptables_jf package (included in RHEL) and
> use that to overcome the ARP problem. No patching of the kernel is
> required.
>
> On the Real Servers:
>
> arptables -F
> arptables -A IN -d $VIP -j DROP
> arptables -A OUT -s $VIP -j mangle --mangle-ip-s $RIP
> service arptables_jf save
> chkconfig arptables_jf on
>
> where RIP = Real Server IP address and VIP = Virtual IP address.
What is above works fine if you only have one arping (i.e. ethernet)
interface. But you need to add the mangle entry for each if you have
multiple interfaces. I have been working on a script to help manage
this.
http://cvs.sourceforge.net/viewcvs.py/vanessa/scratch/arptables-noarp-addr/
--
Horms
|
