LVS
lvs-users
[Top] [All Lists]
Google
 
Web LinuxVirtualServer.org
<prev [Date] next> <prev [Thread] next>

Re: Kernel 2.6.11+ w/IPVS 1.2.1 on SuSe 9.3

from [Joseph Mack NA3T] [Permanent Link]
To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: Kernel 2.6.11+ w/IPVS 1.2.1 on SuSe 9.3
From: Joseph Mack NA3T <jmack@xxxxxxxx>
Date: Tue, 28 Feb 2006 13:20:11 -0800 (PST) 
On Tue, 28 Feb 2006, Brad Dameron wrote:


This all seems to work. I am curious if using iptables to handle
masquerading is the proper way to allow my internal machines to ping/ssh
to the outside world since I am using NAT or can the IPVS handle this?
from the proper way of being secure, you don't want you clients to have any way of knowing that the realservers exist. The LVS should look like a single machine.
If you're prepared to throw that away, then iptables is the way to go. We're not going to let ipvs help you though. 

Joe

--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml Homepage http://www.austintek.com/ It's GNU/Linux!
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Kernel 2.6.11+ w/IPVS 1.2.1 on SuSe 9.3, Brad Dameron
Next by Date:  Re: Kernel 2.6.11+ w/IPVS 1.2.1 on SuSe 9.3, Joseph Mack NA3T
Previous by Thread:  Kernel 2.6.11+ w/IPVS 1.2.1 on SuSe 9.3, Brad Dameron
Next by Thread:  Re: Kernel 2.6.11+ w/IPVS 1.2.1 on SuSe 9.3, Joseph Mack NA3T
Indexes:  [Date] [Thread] [Top] [All Lists]