Hi,

Sorry if this is a repeat. I am trying FTP with HAProxy. I have two servers load balanced by HAProxy. FTP login works fine. The data channel fails. When I capture packets at the server, the server receives the PORT packet, but responds with Illegal PORT command.

My setup has

                            |------S1
    Source-----------HAProxy|
                            |------S2

All are in the same network. I can directly ftp to S1 and S2 with no problems.

haproxy.cfg (relevant info)

    listen 21
        bind :21
        mode tcp
        option tcpka
        balance roundrobin
        server Gala1 S1
        server Gala S2

Output on Source

    naveen@CamNaveen:~$ ftp LB-IP
    Connected to LB-IP.
    220-FTP Server (user 'fcnav...@us.ibm.com')
    220
    Name (LB-IP:naveen): dove
    331-Password:
    331
    Password:
    230-230 Login successful.
    230
    Remote system type is UNIX.
    Using binary mode to transfer files.
    ftp> ls
    500 Illegal PORT command.
    ftp: bind: Address already in use
    ftp> bye

I would appreciate it if you could let me know if I need to make any changes. Some of the articles I saw asked to use iptables source NAT on the LB. Do we need to do that? In my case, the server is not even making a connection attempt to the client on receiving the PORT command. It just responds with Illegal PORT command.

On the server, the PORT command FTP data shows the source IP address of Source, not the LB-IP. Is this a problem?

Best Regards,
Naveen
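
Added example (not part of the original post, and not code from HAProxy or any FTP server): a sketch of the anti-bounce check many FTP servers apply to PORT, refusing an address that differs from the control connection's peer, which in `mode tcp` is the load balancer rather than the client. It assumes the server in the post enforces this check; the addresses are constructed from documentation ranges, the function names are hypothetical, and the 200 reply text is made up.

```python
import ipaddress
import re

# Six comma-separated decimal fields: h1,h2,h3,h4,p1,p2 (RFC 959).
PORT_RE = re.compile(r"^PORT (\d{1,3}(?:,\d{1,3}){5})\r?\n?$", re.IGNORECASE)


def parse_port(line):
    """Return (ip, port) from a PORT command line, or None if malformed."""
    m = PORT_RE.match(line)
    if not m:
        return None
    fields = [int(f) for f in m.group(1).split(",")]
    if any(f > 255 for f in fields):
        return None
    ip = ipaddress.IPv4Address(".".join(str(f) for f in fields[:4]))
    return ip, fields[4] * 256 + fields[5]


def check_port(line, control_peer):
    """Apply the checks a strict server makes before dialing the client.

    control_peer is the source address of the control connection as the
    server sees it. Behind a TCP-mode proxy that is the proxy's address.
    """
    parsed = parse_port(line)
    if parsed is None:
        return "500 Illegal PORT command."
    ip, port = parsed
    if ip != ipaddress.IPv4Address(control_peer):
        return "500 Illegal PORT command."   # address is not the peer's
    if port < 1024:
        return "500 Illegal PORT command."   # refuse well-known ports
    return "200 PORT command successful."    # constructed success reply


# Constructed addresses (RFC 5737 documentation range), standing in for
# the post's Source and LB-IP.
SOURCE_IP = "192.0.2.10"
LB_IP = "192.0.2.1"
CLIENT_PORT_CMD = "PORT 192,0,2,10,200,13\r\n"   # port 200*256+13 = 51213

if __name__ == "__main__":
    print("direct to S1/S2:", check_port(CLIENT_PORT_CMD, SOURCE_IP))
    print("through HAProxy:", check_port(CLIENT_PORT_CMD, LB_IP))
```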