-----BEGIN PGP SIGNED MESSAGE-----
Graeme Fowler wrote:
> On Thu 21 Jul 2005 21:06:16 BST , Peter Klapprodt
> <peter.klapprodt@xxxxxxxxx> wrote:
>> Any ideas on how to get internet access working on the real servers
>> using LVS-NAT? I've read something about virtual_routes in keepalived
>> but couldn't find any detailled instructions yet :(
> ..in exactly the same way you would for an ordinary masqueraded network:
> 1. realservers use active director as default gateway
> 2. (on director) echo "1" >> /proc/sys/net/ipv4/ip_forward
> 3. (on director) set up masquerading:
> iptables -t nat -A POSTROUTING -s <priv net>/<netmask> -d <priv
> net>/<netmask> -j ACCEPT
> iptables -t nat -A POSTROUTING -s <priv net>/<netmask> -j MASQUERADE
> and that's it!
> Any packet which returns to the director which is not hooked by LVS as
> part of an active connection will fall through to the nat POSTROUTING
> chain and get masqueraded.
> Works for me, like a charm.
Thanks a lot, it works now. Actually I don't know what exactly the error
was as I tried it this way before and then searched for other ways. I
think I badly misconfigured something by accident :)
Again, thanks a lot!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)
-----END PGP SIGNATURE-----