Re: LVS-NAT or direct routing or...?

To: " users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: LVS-NAT or direct routing or...?
From: "Kristoffer Egefelt" <dr.fersken@xxxxxxxxx>
Date: Mon, 22 May 2006 16:05:48 +0200
I think the problem is, that the realserver doesn't answer an incomming
connection so it uses the primary ip address of the loadbalancer as source.

From the how-to:
4.10.1. So make the VIP the primary IP on the outside of the director

Wayne *wayne (at) compute-aid (dot) com* 26 Apr 2000

Any web server behind the LVS box use LVS-NAT can initiate communication to
the Internet. However, it is not using the farm IP address, rather it is
using the masquerading IP address -- the actual IP address of the interface.
Is there easy way to let the server in NAT mode to go out as the farm IP


No. This is a limitation in the 2.2 masquerading code. It will always use
the first address on the interface.

We tried and it works! We put VIP on eth0, and RIP on eth0:1 in NAT mode and
it works fine. Just need to figure out how to do it during reboot, since
this is done by playing with ifconfigure command. Once we swap them around,
the going out IP address is the VIP address. But if LVS box reboot, you just
have to redo it again.

As I see it it's not possible to have multiple realservers initating
connections with different source ip's? Or..?

Does anybody have a solution for this?


On 5/19/06, Joseph Mack NA3T <jmack@xxxxxxxx> wrote:

On Thu, 18 May 2006, Kristoffer Egefelt wrote:

> Thanks for your reply, but this is exactly the problem.
> The reply don't come from the VIP, it comes from the
> loadbalancers primary ipaddress.

apologies - I misread your original posting.

> Setup:
> 1 debian 2.6 w. iptables -  LVS-NAT with 1 public and 1 private
> 2 mailservers.
> It's like this:
> Loadbalancer ip -
> VIP -
> Mailserver ip -
> Mails from originates from, I would like them to
> originate from

This shouldn't happen. Do you have any iptables rules,
packet munging of any sort, installed? If so try it without
the rules.

Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at
Homepage It's GNU/Linux!
_______________________________________________ mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to

<Prev in Thread] Current Thread [Next in Thread>