Thanks for the info. I'm going to try to setup a test environment tonight or tomorrow and play around with it. I just didn't want to waste the time if it was something that wouldn't work in the long run. Gary
________________________________ From: [EMAIL PROTECTED] on behalf of Joseph Mack NA3T Sent: Wed 9/12/2007 11:04 AM To: LinuxVirtualServer.org users mailing list. Subject: Re: [lvs-users] IPVSADM/IPTables question On Wed, 12 Sep 2007, Gary W. Smith wrote: >> sometimes it works OK and sometimes it doesn't. > > So is this something you would recommend we explore, or just go back to > using a dual server system? When it does work, does it work reliably or > does it sometimes fail? the problem is collisions between iptables rules and what ip_vs() does with the packets. It's written up in the HOWTO. Just keep adding rules. If it works once, it will work forever. >> use secondary IPs not aliases. > > Sorry, again terminology, but then again, let me ask the question. We > add additiona IP's in to /etc/sysconfig/network-scripts/ifcfg-eth:<id>. > Is that considered secondary or alias? I don't use any of these market enhanced versions of ethernet configuring tools. I know other people are happy with them. > Or should we be using ip addr add? whatever you get to work first. > We reject everything to begin with. I was wanted to make sure I was on > the right track. I still assume that I want to use IN and not FORWARD > (at least at this point) as the traffic is technically coming into the > firewall). IN (PREROUTING) is fine Joe -- Joseph Mack NA3T EME(B,D), FM05lw North Carolina jmack (at) wm7d (dot) net - azimuthal equidistant map generator at http://www.wm7d.net/azproj.shtml Homepage http://www.austintek.com/ It's GNU/Linux! _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
