
Re: LVS-NAT + SNAT is it impossible?

To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: LVS-NAT + SNAT is it impossible?
From: "Paulo F. Andrade" <pfca@xxxxxxxxxxxxxxx>
Date: Fri, 14 Jul 2006 14:48:58 +0100
I guess what you want is something in the line of this: http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.LVS-NAT.html#clients_on_LVS-NAT_realserver_contacting_services_on_VIP

Paulo F. Andrade 52439@IST
mailto: pfca@xxxxxxxxxxxxxxx


On 2006/07/14, at 07:25, Josh Marshall wrote:

Hi,

Along similar lines to this I would like to know if it's possible to allow realservers behind an LVS-NAT to access virtual servers.

e.g. I have a pair of webservers and a pair of mailservers behind a single LVS-NAT machine. When a webserver emails the mailserver (hundreds of virtual domains so faking the DNS would be a pain) it is not able to connect via the external IP address.

When I do a tcpdump I see that the request is going from the webserver to the firewall then to the mailserver, but the path back to the webserver is direct, and since it's the internal IP address of the mailserver rather than the IP address of the VIP the webserver doesn't recognise the reply.

Is there some way I can get the firewall to SNAT so that connections will go via the firewall correctly? I read somewhere that I could use mark tables but couldn't quite piece it all together.

Thanks,
Josh
_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://www.in-addr.de/mailman/listinfo/lvs-users
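
The address mismatch described in the tcpdump observation above, modelled as an added example (not part of the thread and not LVS code). All addresses and ports are constructed, and the `snat_on_director` branch only shows what the reply would look like if the director also rewrote the source address; it does not say how to configure that.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport")

# Constructed addresses (assumptions, not taken from the thread).
VIP = "203.0.113.10"         # external virtual IP held by the director
DIRECTOR_IN = "192.168.1.1"  # director's address on the realserver subnet
WEB = "192.168.1.11"         # realserver acting as the client
MAIL = "192.168.1.21"        # realserver that the VIP forwards to


def run_flow(snat_on_director):
    """Return (reply as it arrives at WEB, whether WEB's socket accepts it)."""
    syn = Packet(WEB, 40000, VIP, 25)
    # WEB's TCP socket only accepts a reply that mirrors the SYN's 4-tuple.
    expected = Packet(syn.dst, syn.dport, syn.src, syn.sport)

    # Director, LVS-NAT step: destination VIP is rewritten to the realserver.
    fwd = syn._replace(dst=MAIL)
    if snat_on_director:
        # Hypothetical extra step: source is rewritten to the director too.
        fwd = fwd._replace(src=DIRECTOR_IN, sport=50000)

    # MAIL answers whatever source address it saw on the forwarded packet.
    reply = Packet(MAIL, 25, fwd.src, fwd.sport)

    if reply.dst == DIRECTOR_IN:
        # Reply goes back through the director, which reverses both rewrites.
        reply = Packet(VIP, 25, syn.src, syn.sport)
    # Otherwise WEB is on MAIL's own subnet: the reply is delivered directly
    # and still carries MAIL's internal address as its source.
    return reply, reply == expected


if __name__ == "__main__":
    for snat in (False, True):
        reply, accepted = run_flow(snat)
        print(f"snat={snat}: {reply} accepted={accepted}")
```
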

