Martin, What I meant is, the incoming packages implement DNAT by LVS, then forward to realserver. The outgoing packages implement SNAT, then forward to client. Since host A and B have the same VIP (managed by OSPF), after the SNAT, the packages seem to be from the same host. Client shouldn't drop them.
Am I right? Thanks. Martin Wheldon wrote: > Hi, > > The DNAT would still need to be reversed. The client will otherwise > drop > the packet as it won't be from the host it started the connection with. > > Best Regards > > Martin > > On 2015-02-02 09:59, Yonghua Peng wrote: >> If it's just a DNAT forwarding for the incoming packet, I don't think >> LVS host has to keep the status of the connection. >> I am probably wrong, just by curious. And I will test for it. >> >> Thanks. >> >> Martin Wheldon wrote: >>> Hi, >>> >>> Because there will be no entry in the NAT table on the second host >>> so >>> it won't know how to deal with the return packet. >>> >>> Best Regards >>> >>> Martin >>> >>> On 2015-02-02 09:06, Yonghua Peng wrote: >>>> Can you tell me why the realserver should use host A as the >>>> gateway? >>>> since host A and B have the same configure, and share the same VIP, >>>> I >>>> was thinking both A and B can be setup as the gateway. >>>> >>>> Thanks. >>>> >>>> Ivan Havlicek wrote: >>>>> No, if a transaction start via LVS host A, the realserver need to >>>>> use >>>>> this host as gateway to respond. >>>>> This is the normal for a NAT. >>>> >>>> _______________________________________________ >>>> Please read the documentation before posting - it's available at: >>>> http://www.linuxvirtualserver.org/ >>>> >>>> LinuxVirtualServer.org mailing list - >>>> lvs-users@LinuxVirtualServer.org >>>> Send requests to lvs-users-requ...@linuxvirtualserver.org >>>> or go to http://lists.graemef.net/mailman/listinfo/lvs-users >>>> >>>> >>> >>> >>> _______________________________________________ >>> Please read the documentation before posting - it's available at: >>> http://www.linuxvirtualserver.org/ >>> >>> LinuxVirtualServer.org mailing list - >>> lvs-users@LinuxVirtualServer.org >>> Send requests to lvs-users-requ...@linuxvirtualserver.org >>> or go to http://lists.graemef.net/mailman/listinfo/lvs-users >>> >> >> _______________________________________________ >> Please read the documentation before posting - it's available at: >> http://www.linuxvirtualserver.org/ >> >> LinuxVirtualServer.org mailing list - >> lvs-users@LinuxVirtualServer.org >> Send requests to lvs-users-requ...@linuxvirtualserver.org >> or go to http://lists.graemef.net/mailman/listinfo/lvs-users >> >> !DSPAM:31,54cf4a4d101354641921266! > > > _______________________________________________ > Please read the documentation before posting - it's available at: > http://www.linuxvirtualserver.org/ > > LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org > Send requests to lvs-users-requ...@linuxvirtualserver.org > or go to http://lists.graemef.net/mailman/listinfo/lvs-users > _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org Send requests to lvs-users-requ...@linuxvirtualserver.org or go to http://lists.graemef.net/mailman/listinfo/lvs-users