Re: LVS-NAT or direct routing or...?

To: " users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: LVS-NAT or direct routing or...?
From: "Kristoffer Egefelt" <dr.fersken@xxxxxxxxx>
Date: Tue, 23 May 2006 10:17:39 +0200

On 5/22/06, Graeme Fowler <graeme@xxxxxxxxxxx> wrote:


On 22/05/2006 15:38, Kristoffer Egefelt wrote:
> If I send a mail from a realserver to my gmail account, it have the
> address of the loadbalancer.
> I would like it to have the source address of the Virtual Server. (so if
> reverse lookup the source ip address in the mail I get the Virtual
> and not the loadbalancer)

Although the director is offering LVS service for you, this problem has
nothing whatsoever to do with LVS.

You want a machine (the realserver) behind a masquerading server (the
director) to appear to have a fixed IP address when making outbound
connections to the internet.


Simply have a SNAT rule on your director's external interface such that
packets going out from the realserver get mapped to the VIP; assuming
here that the external interface is eth0:

iptables -t nat -I POSTROUTING -o eth0 \
                 -s $REALSERVER_IP \
                 -d 0/0 \
                 -j SNAT --to-source $VIRTUAL_IP

This works perfectly!
Thanks guys..


I've used this many times to do a many-to-one mapping for realservers so
that when they initiate external connections, they appear to come from
the same IP.

_______________________________________________ mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to

<Prev in Thread] Current Thread [Next in Thread>