LVS/NAT and SYN/ACK issue

dmitri at nominet.org.uk dmitri at nominet.org.uk
Wed Feb 21 13:50:48 GMT 2007 

lvs-users-bounces at LinuxVirtualServer.org wrote on 21/02/2007 13:29:22:

> > This is not a real problem but rather a nuisance for me. I 
> > just don't want packets with private IP's leaving 
> > LoadBalancer. I can't block this packets with iptables 
> > since I believe ipvs does SNATing somewhere in POSTROUTING 
> > chain and there is no way to put any other rules beyond 
> > this chain. I also can't modify SYN_RECV timeout since 
> > there is no tcp_timeout_syn_recv entry in 
> > /proc/sys/net/ipv4/vs/ (this is a stock CentOS 4.3 kernel)
> 
> I assume you've looked at the idle timeouts (not sure 
> they're going to help here).
> 
> http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.services.
> general.html#tcpip_idle_timeout

Yes, I played with 'ipvsadm --set tcp tcpfin udp' and it doesn't
have any effect on this issue.

> 
> Joe

Dmitri

Search lvs-users Archives
Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
More information about the lvs-users mailing list