Hi, I have a situation where I want to use NAT (masq) for my LVS service but cannot change the routing table of my real servers. So I thought adding a rule to my iptables like:
iptables -t nat -A POSTROUTING -p tcp --dport 80 -d <realservers> \ -j SNAT --to-source DIP so the director would masquerade the source of all packets and thus all packates would be routed back to the director and NAT mech would work. Unfortunately a tcpdump shows that the packets are sent out eith the ip addresses of the clients and not the DIP. Any idea what I am doing wrong here? Is this possible at all? thanks for any hint. Greetings, -- Dr. Michael Schwartzkopff MultiNET Services GmbH Addresse: Bretonischer Ring 7; 85630 Grasbrunn; Germany Tel: +49 - 89 - 45 69 11 0 Fax: +49 - 89 - 45 69 11 21 mob: +49 - 174 - 343 28 75 mail: [email protected] web: www.multinet.de Sitz der Gesellschaft: 85630 Grasbrunn Registergericht: Amtsgericht München HRB 114375 Geschäftsführer: Günter Jurgeneit, Hubert Martens --- PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B Skype: misch42 _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - [email protected] Send requests to [email protected] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
