LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: I need for setting up one to many ports

To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: I need for setting up one to many ports
From: Horms <horms@xxxxxxxxxxxx>
Date: Tue, 1 Nov 2005 12:26:59 +0900
On Mon, Oct 31, 2005 at 03:54:53PM -0600, Brad Hudson wrote:
> I have a situation where I need to have a single $vip:$port be masked to
> many ports on a backend server. Can someone help with this? Here is what I
> thought would work, but didn't:
> # $port = "XXXX";
> # iptables -A PREROUTING -t mangle -p tcp -s 0.0.0.0/0 <http://0.0.0.0/0> -d
> 0.0.0.0/0 <http://0.0.0.0/0> --dport $port -j MASK --set-mask 1
> # ipvsadm -A -f 1 -s nq -p 600
> # ipvsadm -a -f 1 -r $backend_host -g -w 1
> 
> Further explanation:
> I need clients to go to http://$vip:$port to open a webpage and $port cannot
> be defined as http because this is a service node not a client web server of
> which there are many defined. Once a user is logged into the web page they
> click on a link that kicks off an application on it's own dynamically
> generated port which can be defined in a range (5901-5908). The web applet
> is the access that is really desired.
> 
> Is there a way to use a combination of fwmark to a specific port which will
> in turn allow any other port access? In other words so a user can do the
> following:
> 
> 1. http://$vip:$port - and access a dynamic web app on a different port
> 2. https://$vip:$port - same thing
> 3. ssh -l $user -p $port $vip - ssh directly into the backend node

I am sorry but I am confused. When a client clnnects to port X,
should they be sent to port X on the real-server, or is
there some mapping to turn X into Y? Perhaps an example would help.

-- 
Horms

<Prev in Thread] Current Thread [Next in Thread>