firewall + loadbalancer on the same machine

Atif Ghaffar aghaffar at developer.ch
Tue Aug 3 13:28:12 BST 2004


Hi Roberto,

Roberto Nibali wrote:

> http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.filter_rules.html
> 
> Is this clear enough or does it raise more questions? We would like to 
> know so we can improve on the documentation.

Thanks for the link. I will read it and give you back my feedback.
For some reason, I did not see that page before. Or perhaps it is newer 
than I last read the docs. (~ 6 months ago, when we implemented lvs)


> Out of the box it does not work, correct. But patches exist to make it 
> work. You seem to have neglected to mention
> 
> a) your kernel version
> b) your LVS forwarding method

We are using 2.4.22xx kernel from SuSE Linux 9.0 (Will change to RHEL 3 
maybe)
The LVS Forwarding method is NAT



> 
> both points have different outcomes in answering your question to its 
> full extent. 2 examples, randomly picked:
> 
> LVS-NAT with the nfct patch will work for 2.4.x and 2.6.x kernels 
> regarding filtering, iif you don't use fwmark
> 
Thanks. I will try that.

best regards



More information about the lvs-users mailing list