On Fri, September 5, 2008 10:47, Julius Volz wrote:
> On Fri, Sep 5, 2008 at 5:45 PM, Julius Volz <juliusv@xxxxxxxxxx> wrote:
>> On Fri, Sep 5, 2008 at 5:42 PM, David Dyer-Bennet <dd-b@xxxxxxxx> wrote:
>>> Should I expect to see something in iptables -t nat -L created by LVS?
>>> Because even when traffic is being accepted and directed properly, I
>>> don't.
>>
>> Nope, LVS does its own connection tracking.
>
> ...and NAT.
Where does that come in the block diagram of Linux network packet handling?
Documentation note: I've been reading "NAT" as referring to the other
Linux network service in netfilter, rather than as a more generic use of
the term. I'd suggest making this a bit clearer in the documentation --
that LVS NAT does NOT use the normal Linux NAT that people have mostly at
least heard of.
Does it conflict with setting up regular NAT to support outbound
connections originating from the realservers (such as to a database)?
Does it block routing to external addresses other than through the NAT
entries? And where can I see those entries (I don't see any way to list
them with ipvsadm which is the only tool I know to talk to ip_vs).
Should I not be trying to do this with NAT, use DR instead? I've been
trying to avoid having to muck about with the installation of each of the
realserver OS installs that DR seems to require, but I can do it if I need
to; it seems to be documented. (Linux and Windows Server 2003).
--
David Dyer-Bennet, dd-b@xxxxxxxx; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera: http://dragaera.info
|