Stefan Bauer wrote: : -----Ursprüngliche Nachricht----- : Von: Jan Kasprzak <k...@fi.muni.cz> : > for ldirectord: : > : > virtual=virtualip:srvport : > real=realserver1:srvport masq 100 : > real=realserver2:srvport masq 100 : > [... scheduler and other parameters omitted for brevity ...] : > : > for iptables: : > : > iptables -t nat -A POSTROUTING -d realserver1 \ : > -p tcp --dport srvport -j MASQUERADE : > iptables -t nat -A POSTROUTING -d realserver2 \ : > -p tcp --dport srvport -j MASQUERADE : > : > Is this what you are looking for? : : Well, a simple SNAT is what i want but i prefer to get : it done by ipvsadm/ip_vs in Kernel. Thats how i understood : the implementation by Jiaming Wu and Jian Chen according to : http://kb.linuxvirtualserver.org/wiki/IPVS_FULLNAT_and_SYNPROXY.
From that page: > The main principle is as follows: the module introduces local ip address > (IDC internal ip address, lip), IPVS translates cip-vip to/from lip-rip, > in which lip and rip both are IDC internal ip address, so that LVS load > balancer and real servers can be in different vlans, and real servers > only need to access internal network. See Virtual Server via Full NAT > for more information. I think my configuration above does exactly this (well, I have omitted "lip" address, using SNAT to a different address instead of MASQUERADE would solve it). : I just dont want to mess in userland with iptables manually. OK, understood. For me it was still better than installing a reverse proxy for a single virtual service out of tens I already serve using IPVS. -Yenya -- | Jan "Yenya" Kasprzak <kas at {fi.muni.cz - work | yenya.net - private}> | | New GPG 4096R/A45477D5 - see http://www.fi.muni.cz/~kas/pgp-rollover.txt | | http://www.fi.muni.cz/~kas/ Journal: http://www.fi.muni.cz/~kas/blog/ | Please don't top post and in particular don't attach entire digests to your mail or we'll all soon be using bittorrent to read the list. --Alan Cox _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org Send requests to lvs-users-requ...@linuxvirtualserver.org or go to http://lists.graemef.net/mailman/listinfo/lvs-users