|
On Tue, Aug 28 2007, Joseph Mack NA3T wrote:
> On Tue, 28 Aug 2007, Dan Brown wrote:
>
> > iptables -A OUTPUT -o $EXT_INT -m state --state
> NEW,ESTABLISHED,RELATED
> > -j ACCEPT
>
> you should add your iptables rules after your LVS is working.
Ah yes. Stupid step #52 when moving LVS from a streamlined setup directly
to separate directors.
52. Copy your iptables rules directly from your director-real_server to your
new individual directors without a second thought. Include them in your
emails to the user discussion lists when you run into troubles in order to
appear incredibly foolish. Especially important is to ignore the fact that
none of the VIPs the rules cover no longer have an endpoint on the director
itself.
Thanks. :)
___________________________________________________
Dan Brown
danb@xxxxxx
|
