LVS
lvs-users
[Top] [All Lists]
Google
 
Web LinuxVirtualServer.org
<prev [Date] next> <prev [Thread] next>

RE: Netfilter connection tracking support for IPVS

from [Julian Anastasov] [Permanent Link]
To: Nicklas Bondesson <nicklas.bondesson@xxxxxxxxxxxx>
Subject: RE: Netfilter connection tracking support for IPVS
Cc: "'LinuxVirtualServer.org users mailing list.'" <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
From: Julian Anastasov <ja@xxxxxx>
Date: Sat, 24 Feb 2007 00:17:59 +0200 (EET) 
        Hello,

On Fri, 23 Feb 2007, Nicklas Bondesson wrote:

> I have sucessfully built the kernel with your original patch (using the old
> Dependent connection tracking way). I am however still unable to SNAT
> traffic leaving the box. I'm runnng the director and firewall on the same
> box.
> 
> This is enabled:
> 
> enable the NFCT support at run time:
> echo 1 > /proc/sys/net/ipv4/vs/conntrack
> 
> enable the SNAT rerouting for IPVS traffic (optional, useful for
> source based routing, in fact, not related to this NFCT support)

        This rerouting is only for IPVS packets

> echo 1 > /proc/sys/net/ipv4/vs/snat_reroute

        Can you clarify how the following rule is related to IPVS?

> And this is how I do SNAT: iptables -t nat -A POSTROUTING -o eth0 -j SNAT
> --to-source 11.22.33.44
> 
> 
> Any suggestions?

        Is the SNAT rule working without NFCT patch?

Regards

--
Julian Anastasov <ja@xxxxxx>
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Netfilter connection tracking support for IPVS, Janusz Krzysztofik
Next by Date:  RE: Netfilter connection tracking support for IPVS, Nicklas Bondesson
Previous by Thread:  Re: Netfilter connection tracking support for IPVS, Janusz Krzysztofik
Next by Thread:  RE: Netfilter connection tracking support for IPVS, Nicklas Bondesson
Indexes:  [Date] [Thread] [Top] [All Lists]