Brandon, I agree that I could probably simplify the iptables rules. But the VRRP communication was already solved before I opened this thread. The problem that I started this thread for, had more to do with the IPVS connection communication synchronization, and the connection status. While both communication mechanisms are initiated by keepalived, in this case, they're distinct from each other, and have different transmission characteristics, etc.
Lloyd Brown Systems Administrator Fulton Supercomputing Lab Brigham Young University http://marylou.byu.edu On 07/29/2014 09:29 AM, Brandon Perkins wrote: > You shouldn't need anything beyond: > > -A INPUT -p vrrp -j ACCEPT > > to get keepalived communication working. To allow VRRP traffic for the > Keepalived service to function: > > # /sbin/iptables -I INPUT -p vrrp -j ACCEPT > # /sbin/service iptables save > > one could also tighten down the source and destination as well. Also, > since this is RHEL, please feel free to reach out to your Red Hat > support representatives in case there is something else that needs > investigating in your particular environment. > > -- Thanks, Brandon _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org Send requests to lvs-users-requ...@linuxvirtualserver.org or go to http://lists.graemef.net/mailman/listinfo/lvs-users