[lvs-users] keepalived: SSH getting "No route to host"

[Gerry Reno]

Ok, I have been able to get LVS SSH on a high-port working by putting 
the iptables rule in the realservers and restricting sshd on the 
directors. Here's the setup:

In iptables on realservers:

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 33322 -j REDIRECT --to-port 22


In /etc/ssh/sshd_config:
ListenAddress 192.168.1.150 # the DIP

In keepalived.conf:
virtual_server 192.168.1.240 33322 {
...
real_server 192.168.1.25 33322 { <--- changed from 22
...


Now remote ssh access goes to a realserver:
ssh -p 33322 user at publicIP-that-maps-to-VIP
[realserver ~]$

Is there some solution that would keep all configuration just on the directors?  I like keeping things off of the realservers if possible.


Gerry