|
Joseph Mack NA3T a écrit :
> On Mon, 9 Oct 2006, Graeme Fowler wrote:
>
>> On 09/10/2006 14:38, Sébastien CRAMATTE wrote:
>>> I've tried
>>>
>>> iptables -p vrrp -A INPUT -j ACCEPT
>>> iptables -p vrrp -A OUTPUT -j ACCEPT
>>> seems that not works :(
>>
>> iptables -I INPUT -d 224.0.0.0/8 -j ACCEPT
>>
>> You need to explicitly accept multicast for this to work. You can
>> make it more accurate by setting the appropriate config option in
>> your keepalived config to set the mcast_src_address, and then have a
>> corresponding rule to let that in.
>
> as well vrrp is not a port, it's a protocol. However the port that
> vrrpd listens on is in the HOWTO (section 29.6) and you can put an
> entry for vrrpd into /etc/services and make the above lines work.
>
> Joe
I've take a look to the howto (RTFM ...)
So I've added the line /etc/services
vrrp 112/raw # vrrpd daemon
with just these 2 iptables rules
iptables -p vrrp -A INPUT -j ACCEPT
iptables -p vrrp -A OUTPUT -j ACCEPT
and seems to work without (the virtual IP are assigned and released
correctly )
iptables -I INPUT -d 224.0.0.0/8 -j ACCEPT
it's strange because I don't have open igmp ????
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://www.in-addr.de/mailman/listinfo/lvs-users
>
> ------------------------------------------------------------------------
>
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.1.407 / Virus Database: 268.13.1/466 - Release Date: 07/10/2006
>
|
