[lvs-users] ipsec + lvs-nat not working

Joseph Mack NA3T jmack at wm7d.net
Tue Oct 21 19:35:06 BST 2008


On Tue, 21 Oct 2008, kwijibo at zianet.com wrote:

> Joseph Mack NA3T wrote:
>> If this is correct, I'm stumped. The next approach might be
>> to do tcpdumps to see what's happening.
>>
>
> Wouldn't the IPsec mode play a role in whether it works through
> NAT or not?  AH for instance will not work though NAT and ESP
> may or may not depending on how smart the end devices are.  I
> have always tried to avoid NAT while doing any type of IPsec.

I've not setup ipsec, but when you use it with LVS, you 
should be decrypting the packets before they arrive at the 
director, presumably at the INPUT chain, or ipsec/LVS 
wouldn't work at all.

Joe

-- 
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!




More information about the lvs-users mailing list