* Scott Gifford <[EMAIL PROTECTED]> [010916 02:29]:
> Here's a patch I used on a qmail system I used to run which ran behind
> a NAT load balancer. It solves a problem qmail has when it doesn't
> know all of the IP addresses that connect to it. If you run qmail on
> a server behind any kind of network address translator, if you have
> any other machines that forward their SMTP port to your SMTP port, or
> if you have machines which listen on SMTP and unconditionally forward
> mail to your qmail server, take a look at this patch and see if it
> prevents a potential problem.
Just to present an interesting Linux-only (?) solution to this problem, one
could set up the external IPs on loopback aliases:
ifconfig lo:0 64.78.233.82 up
And tell the kernel not to answer ARP requests for that IP:
/sbin/sysctl -w net.ipv4.conf.all.hidden = 1
/sbin/sysctl -w net.ipv4.conf.lo.hidden = 1
Read more about it in the Linux Virtual Service project at
http://www.ultramonkey.org/ultramonkey-1.0.2/configuration/example-ha-lb-5.html
(scroll to ``Real Servers'').
/pg
--
Peter Green : Architekton Internet Services, LLC : [EMAIL PROTECTED]
-------------------------------------------------------------
chmod a+x /bin/laden
