You can either snat or run in dr or tun mode. Sent from my iPhone
On Mar 1, 2012, at 8:59 AM, Dean Scothern <[email protected]> wrote: > Thank you for your quick reply. > > Whilst snat would work I would prefer not to use it as it hides the source ip > of the packets, making applications that use ip access lists more problem > atic to configure, eg mailservers. Eventually I would expand the clients to > include other networks (internet), and would like log analysis to work. > I would prefer not to use a proxy and pass magic headers with the remote ip > them either. > The link in question also probably cannot easily apply to redhat/centos 6 as > they are based on 2.6.32 kernel and the link mentions 2.6.35, 2.6.36. > Reading further it might be possible to apply the patch set and rebuild the > associated kernel modules. > > To be honest I hoping for some route configuration magicry, I feel so close > and surely there must be a way. > > Many Thanks > > > From: David Coulson [mailto:[email protected]] > Sent: 01 March 2012 13:04 > To: LinuxVirtualServer.org users mailing list. > Cc: Dean Scothern > Subject: Re: [lvs-users] annoying routing problem with a lvs cluster > > You need to SNAT real server traffic going to your real servers. > > Quick google found this: > > http://blog.loadbalancer.org/enabling-snat-in-lvs-xt_ipvs-and-iptables/ > > I'm presuming it's in mainline by now, but I know it's not in RHEL/SuSE yet. > > David > > On 3/1/12 7:55 AM, Dean Scothern wrote: > Hi, > > I've been experimenting with a slightly non standard lvs cluster arrangement. > > I have a set of combined real servers/real clients (each machine has both > services and clients) and two machines running lvs as a cluster. > > All machines are connected directly to the same two networks: frontend and > backend. > > The real servers/real clients connect to a service ip on the lvs machines on > the frontend network. > The lvs machines run in masq mode and connect to the real servers/real > clients on the backend network. > I've configured policy routing on the real servers/real clients backend > interfaces to return traffic via a second gateway on the lvs hosts. > > This works very well except when a real server/real client connects to its > own backend interface via the lvs cluster ip. > I guessing that the local host route means that instead of returning the > traffic via the backend gateway on the lvs it tries to go directly locally. > Tcpdump appears to support this guess and if I turn on martian logging I can > see the traffic. > > Initially I thought that reverse path filtering was preventing operation but > the problem remained when it was disabled. > Turning on routing had not beneficial effect either. > > Ideally I would like to setup routing to override the local table when the > policy routing rules are applied, but I'm not sure how. > So far attempts to to do this have failed > > Has anyone managed to do this? > > Its more of a routing question so apologies for being slightly off topic. > > Best Regards > > Dean Scothern > Dr Dean Scothern > Infrastructure > [Description: Eduserv] > E: [email protected]<mailto:[email protected]> > > T: +44 (0)1225 474379 > > F: +44 (0)1225 474301 > > www.eduserv.org.uk<http://www.eduserv.org.uk/> > Eduserv is a company limited by guarantee (registered in England & Wales, > company number: 3763109) and a charity (charity number 1079456), whose > registered office is at Royal Mead, Railway Place, Bath, BA1 1SR. > > > > > > > _______________________________________________ > Please read the documentation before posting - it's available at: > http://www.linuxvirtualserver.org/ > > LinuxVirtualServer.org mailing list - [email protected] > Send requests to [email protected] > or go to http://lists.graemef.net/mailman/listinfo/lvs-users _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - [email protected] Send requests to [email protected] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
