[lvs-users] Real server refuses packets originated from itself and redirected by LVS
Con Tassios
ct at swin.edu.au
Mon Nov 9 00:54:16 GMT 2009
On Fri, 6 Nov 2009, Simon Horman wrote:
> I also wonder if a different approach could work. Assuming that
> the connection from the real-server doesn't need to be load-balanced,
> I wonder if an iptables rule could be constructed such that
> the real-server just directly connects to itself when accessing the VIP.
iptables -t nat -I OUTPUT -p tcp -d $VIP --dport 80 -j DNAT --to-destination $IP:80
where $IP = primary IP address of real server
I use LVS-DR with the VIP only configured on the LVS director and iptables
rules on the real servers. The iptables rule above is what I use to allow the
real server to connect to itself when accessing the VIP.
More information about the lvs-users
mailing list