Ok, I have been able to get LVS SSH on a high-port working by putting
the iptables rule in the realservers and restricting sshd on the
directors. Here's the setup:
In iptables on realservers:
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 33322 -j REDIRECT
--to-port 22
In /etc/ssh/sshd_config:
ListenAddress 192.168.1.150 # the DIP
In keepalived.conf:
virtual_server 192.168.1.240 33322 {
...
real_server 192.168.1.25 33322 { <--- changed from 22
...
Now remote ssh access goes to a realserver:
ssh -p 33322 [EMAIL PROTECTED]
[realserver ~]$
Is there some solution that would keep all configuration just on the directors?
I like keeping things off of the realservers if possible.
Gerry
_______________________________________________
LinuxVirtualServer.org mailing list - [email protected]
Send requests to [EMAIL PROTECTED]
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
