[lvs-users] lvs-dr as real server + fwmark for each interface

To: "lvs-users@xxxxxxxxxxxxxxxxxxxxxx" <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: [lvs-users] lvs-dr as real server + fwmark for each interface
From: Aseel Goro <aseel.goro@xxxxxxxxx>
Date: Fri, 23 Mar 2012 15:23:57 +0200
Hello all, I've googled, read and searched almost everywhere; hope you can
help me.

Here is my network:

Router ( 192.168.0.1 ) gw for all
   |
   |--- real server2 ( eth0: 192.168.0.4)
   |
Lvs-DR & real server1
 ( eth0: 192.168.0.2 ) 
 ( eth0:1 192.168.0.111 ) lvs
 ( eth1: 192.168.0.3 ) service nic

The service is squid. I have no ARP problems, and real server2 is OK.

The router intercepts anything with destination port 80 (not from the squids)
and throws it to the DR IP, which has the 2 real servers in its list (the local
NIC and the remote server). The DR iptables has

iptables -t mangle -A PREROUTING -p tcp --dport 80 -i eth0:1 -j MARK --set-mark 0x1

which works fine

iptables -t mangle -A PREROUTING -p tcp --dport 80 -i eth1 -j MARK --set-mark 0x2


Now the problem is in the nat table.

Because I am using squid, I must use DNAT or REDIRECT to accept the incoming
packets.

If I do this

iptables -t nat -A PREROUTING -p tcp -m mark --mark 0x1 -j REDIRECT

all packets are processed locally and nothing goes to real server 2.

If I leave it empty or use the 0x2 fwmark, real server2 works fine, but the
local service does not. This is because when the DR processes the packet and
tries to send it to the local NIC (it processes it locally), the iptables fwmark
0x65 will not work and hence the packet will not be redirected at the nat table.

If I use the lo interface to mark it, all packets destined for both real
servers will be processed locally.

Any ideas / theories / solutions are highly appreciated.

Thanks
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
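
One way to check which of the two mangle marks from the message above actually matches traffic, written as an added example that is not part of the original post: it reads the per-rule packet counters from `iptables -t mangle -L PREROUTING -v -n -x`. The sample listing and the function names `mark_hits` and `unmatched_marks` are constructed for illustration.

```shell
#!/bin/sh
# Added example: report how often each fwmark rule in mangle/PREROUTING matched.
# Input format: output of `iptables -t mangle -L PREROUTING -v -n -x`.

# Constructed sample listing, not captured from the poster's machine.
SAMPLE='Chain PREROUTING (policy ACCEPT 1200 packets, 96000 bytes)
    pkts      bytes target     prot opt in     out     source               destination
     842    50520 MARK       tcp  --  eth0:1 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80 MARK set 0x1
       0        0 MARK       tcp  --  eth1   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80 MARK set 0x2'

# mark_hits: read a listing on stdin and print
# "<mark> <in-interface> <packets>" for every MARK rule.
mark_hits() {
    awk '$3 == "MARK" && $1 ~ /^[0-9]+$/ {
        mark = ""
        # iptables prints "set 0x1", or "xset value/mask" for masked marks.
        for (i = 4; i < NF; i++)
            if ($i == "set" || $i == "xset") { mark = $(i + 1); sub(/\/.*/, "", mark) }
        if (mark != "") print mark, $6, $1
    }'
}

# unmatched_marks: print the marks whose rule has never matched a packet.
unmatched_marks() {
    mark_hits | awk '$3 == 0 { print $1 }'
}

# With no argument parse the sample; with "live" read the real table (needs root).
if [ "${1:-}" = "live" ]; then
    iptables -t mangle -L PREROUTING -v -n -x | mark_hits
else
    printf '%s\n' "$SAMPLE" | mark_hits
fi
```

A mark listed by `unmatched_marks` is never set on any packet, so a nat rule that tests for it with `-m mark --mark` cannot fire either.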
