|
arptables -L -vn should indicate whether it is working. Check the values for
pkts/bytes in the IN and OUT chain.
On Mon, 28 Mar 2005, Kirk wrote:
On my web farm server (real server) I have this:
Eth0 210.210.30.210
Eth1 10.0.0.1
Lo 127.0.0.1
Lo:0 210.210.30.200 # VIP
I put in the arptables entries of:
arptables -A IN -d 210.210.30.200 -j DROP
arptables -A OUT -s 210.210.30.200 -j mangle --mangle-ip-s 210.210.30.210
and then I look at the arp output with 'tcpdump -n -e arp' when hitting the
server with a request and one of the two web servers is responding with:
0:30:48:80:b3:66 Broadcast arp 42: arp who-has 210.210.30.200 tell
210.210.30.210
0:d:bd:4a:3b:0 0:30:48:80:b3:66 arp 60: arp reply 210.210.30.200 is-at
0:d:bd:4a:3b:0
Should this machine be responding to arp at all?
| 