
Connecting to the VIP from a NAT-ed realserver

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: Connecting to the VIP from a NAT-ed realserver
From: Dan Sully <daniel@xxxxxxxxxxxxxxxx>
Date: Mon, 24 Apr 2006 15:39:02 -0700

I've got a basic LVS-NAT setup:

        [director] ------ VIP-eth0(207.7.x.x) eth1(192.168.254.1/24)
            |
            |
         [switch]
         /      \
[rs1] [rs2] [rs3] [rsN] - eth is 192.168.254.0/24 - with the default (and only route) back to .1 - the director.

What I'd like to be able to do is connect to the VIP+port from a realserver,
and have my connection be balanced to a realserver. Unfortunately this
doesn't work. tcpdump shows packets being sent, but nothing coming back:

IP 192.168.254.2.47496 > 207.7.x.1.80: S 3436179033:3436179033(0) win 5840 <mss 1460,sackOK,timestamp 1041789423 0,nop,wscale 0>
IP 192.168.254.2.47496 > 192.168.254.2.80: S 3436179033:3436179033(0) win 5840 <mss 1460,sackOK,timestamp 1041789423 0,nop,wscale 0>

My iptables rules look like this:

iptables -t nat -A POSTROUTING -j MASQUERADE -s 192.168.254.0/24
iptables -t mangle -A PREROUTING -d 192.168.254.0/24 -j MARK --set-mark 1

Like I said - very basic.

I found this thread from a few years ago:

http://archive.linuxvirtualserver.org/html/lvs-users/2003-02/msg00096.html

which refers to CONFIG_IP_NF_NAT_LOCAL, which looks like it might solve my
problem, except for a) the thread died without any conclusion on how Ian
actually got it to work. b) I'm running a 2.6 kernel, which doesn't appear to
have CONFIG_IP_NF_NAT_LOCAL.

Anyone have any thoughts on how to go realserver -> vip?

Thanks

-D
--
<dr.pox> wtf? a garbled dingbat makes java switch to DWIM?
