|
On Fri, 22 Dec 2006, Robinson, Eric wrote:
so how have clients been getting back their ftp-data packets till now?
I configure the tunnel to allow FTP-DATA connections from the RIPs of
the FTP servers to the client's network.
the RIPs then must be public IPs?
The clients establish the
control connections to the VIP of the load-balancer, but the data
connections come from the RealServers.
if the client is connecting with the VIP, why is it
accepting an ftp-data connect request from the RIP?
do you have the port=20 option (forget syntax) when loading your ftp
helper?
I'll check, but does it matter with active FTP? The HOWTO implies it
doesn't.
I didn't get a straight answer from Julian on the matter
last time I asked if it had changed. Worth a try.
you have no iptables rules on the director/realservers?
No, the firewalls are separate appliances. No packet filtering on the
load-balancers.
realservers? You have your tunnel.
Joe
--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!
| 