[lvs-users] ipsec + lvs-nat not working

Sebastien COUPPEY sebastien.couppey at zero9.it
Fri Oct 17 13:33:42 BST 2008


On Thu, Oct 16, 2008 at 06:39:18PM -0700, Joseph Mack NA3T wrote:
> On Thu, 16 Oct 2008, Sebastien COUPPEY wrote:
> > I am facing a problem with ipsec+lvs-nat on the same server.
> 
> a couple of people have done ipsec with lvs. I don't 
> remember whether it was lvs-dr or lvs-nat (or both). 
> Presumably you could look for "ipsec" in the archive. 

I did first, but didn't find any configuration example. 

> I've 
> asked these people for the details, but so far no-one has 
> given me a recipe. None of them has indicted that setup was 
> any big deal, 

That also what I thought, be facing a problem in the configuration

> so presumably anything that lands packets on 
> the director's VIP will work.

the configuration is working for the VIP which are outside an ipsec tunnel.

> 
> Does your setup work without ipsec?
> 
> > the vip is on the loopback interface.
> 
> the VIP on the director should be on a device that can 
> advertise the IP to the internet.

As a test I moved the vip from the loopback to the eth2 which can
advertise on internet but without success.





More information about the lvs-users mailing list