Re: Iptables and Keepalived

To:	"LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject:	Re: Iptables and Keepalived
From:	Joseph Mack NA3T <jmack@xxxxxxxx>
Date:	Mon, 9 Oct 2006 06:46:31 -0700 (PDT)

On Mon, 9 Oct 2006, Graeme Fowler wrote:

On 09/10/2006 14:38, Sébastien CRAMATTE wrote:
I've tried

iptables -p vrrp -A INPUT -j ACCEPT
iptables -p vrrp -A OUTPUT -j ACCEPT
 seems that not works :(
iptables -I INPUT -d 224.0.0.0/8 -j ACCEPT
You need to explicitly accept multicast for this to work. You can make itmore accurate by setting the appropriate config option in your keepalivedconfig to set the mcast_src_address, and then have a corresponding rule tolet that in.

as well vrrp is not a port, it's a protocol. However theport that vrrpd listens on is in the HOWTO (section 29.6)and you can put an entry for vrrpd into /etc/services andmake the above lines work.


Joe
--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!

<Prev in Thread]	Current Thread	[Next in Thread>
Iptables and Keepalived, Sébastien CRAMATTE Re: Iptables and Keepalived, Joseph Mack NA3T Re: Iptables and Keepalived, Sébastien CRAMATTE Re: Iptables and Keepalived, Graeme Fowler Re: Iptables and Keepalived, Joseph Mack NA3T <= Re: Iptables and Keepalived, Sébastien CRAMATTE

Previous by Date:	Re: Iptables and Keepalived, Graeme Fowler
Next by Date:	Re: all clients disconnect on failover, Sebastian Vieira
Previous by Thread:	Re: Iptables and Keepalived, Graeme Fowler
Next by Thread:	Re: Iptables and Keepalived, Sébastien CRAMATTE
Indexes:	[Date] [Thread] [Top] [All Lists]