Re: LVS-NAT or direct routing or...?

To: " users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: LVS-NAT or direct routing or...?
From: Graeme Fowler <graeme@xxxxxxxxxxx>
Date: Mon, 22 May 2006 17:04:42 +0100

On 22/05/2006 15:38, Kristoffer Egefelt wrote:
If I send a mail from a realserver to my gmail account, it have the source
address of the loadbalancer.
I would like it to have the source address of the Virtual Server. (so if I
reverse lookup the source ip address in the mail I get the Virtual Server
and not the loadbalancer)

Although the director is offering LVS service for you, this problem has nothing whatsoever to do with LVS.

You want a machine (the realserver) behind a masquerading server (the director) to appear to have a fixed IP address when making outbound connections to the internet.


Simply have a SNAT rule on your director's external interface such that packets going out from the realserver get mapped to the VIP; assuming here that the external interface is eth0:

iptables -t nat -I POSTROUTING -o eth0 \
                -s $REALSERVER_IP \
                -d 0/0 \
                -j SNAT --to-source $VIRTUAL_IP

I've used this many times to do a many-to-one mapping for realservers so that when they initiate external connections, they appear to come from the same IP.


<Prev in Thread] Current Thread [Next in Thread>