Netfilter connection tracking support for IPVS

Nicklas Bondesson nicklas.bondesson at mindping.com
Fri Feb 23 00:29:24 GMT 2007 

I have sucessfully built the kernel with your original patch (using the old
Dependent connection tracking way). I am however still unable to SNAT
traffic leaving the box. I'm runnng the director and firewall on the same
box.

This is enabled:

enable the NFCT support at run time:
echo 1 > /proc/sys/net/ipv4/vs/conntrack

enable the SNAT rerouting for IPVS traffic (optional, useful for
source based routing, in fact, not related to this NFCT support)

echo 1 > /proc/sys/net/ipv4/vs/snat_reroute

And this is how I do SNAT: iptables -t nat -A POSTROUTING -o eth0 -j SNAT
--to-source 11.22.33.44


Any suggestions?


Thanks,
Nicklas

Search lvs-users Archives
Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
More information about the lvs-users mailing list