LVS-NAT and packets originating from realserver
C. R. Oldham
cro at ncacasi.org
Wed Aug 25 17:09:50 BST 2004
> Let's say you can figure out how to do this...
> The replies coming from the machine on the internet will have
> The director will see the packets and since they aren't part
> of an established
> connection, they will be dropped.
You can do this with policy-based routing in the 2.6 series of kernels.
On my Debian realservers I have this in the /etc/networks/interfaces
auto eth0 eth1
iface eth0 inet dhcp
iface eth1 inet static
up ip route add 192.168.0.0 dev eth1 src 192.168.0.2 table lvs
up ip route add default via 192.168.0.1 table lvs
up ip rule add from 192.168.0.2 table lvs
down ip rule delete from 192.168.0.2 table lvs
down ip route delete 192.168.0.0 dev eth1 src 192.168.0.2 table lvs
And I have a table "lvs" in my iproute2/rt_tables file:
# reserved values
It took me a long time and lots of googling to figure this out but it
More information about the lvs-users