How to NAT The FTP-DATA Connection?
Joseph Mack NA3T
jmack at wm7d.net
Sat Dec 23 03:47:05 GMT 2006
On Fri, 22 Dec 2006, Robinson, Eric wrote:
>> so how have clients been getting back their ftp-data packets till now?
>
> I configure the tunnel to allow FTP-DATA connections from the RIPs of
> the FTP servers to the client's network.
the RIPs then must be public IPs?
> The clients establish the
> control connections to the VIP of the load-balancer, but the data
> connections come from the RealServers.
if the client is connecting with the VIP, why is it
accepting an ftp-data connect request from the RIP?
>> do you have the port=20 option (forget syntax) when loading your ftp
> helper?
>
> I'll check, but does it matter with active FTP? The HOWTO implies it
> doesn't.
I didn't get a straight answer from Julian on the matter
last time I asked if it had changed. Worth a try.
>> you have no iptables rules on the director/realservers?
>
> No, the firewalls are separate appliances. No packet filtering on the
> load-balancers.
realservers? You have your tunnel.
Joe
--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!
Search lvs-users Archives
More information about the lvs-users
mailing list