Hi,
I have the following setup: Internet -- firewall -- LAN
netfilter NAT and LVS-NAT are both working on the firewall.
Netfilter NAT (DNAT) forwards connections to the LAN:
publicIPaddr1/port1 -> privateIPaddr1/port1
Note: there is no need to set "public IP address 1" on the firewall here.
LVS-NAT forwards connections to the LAN:
publicIPaddr2/port2 -> privateIPaddr2/port2
publicIPaddr2/port2 -> privateIPaddr3/port2
But here, "public IP address 2" _has_ to be explicitly set on the
public interface of the firewall/director.
Why is that so? Why couldn't LVS proceed as netfilter NAT does?
(that is, not require that the IP address is really defined on the
gateway)
Thanks,
Hervé
--
_
(°= Hervé Eychenne
//) Homepage: http://www.eychenne.org/
v_/_ WallFire project: http://www.wallfire.org/
|