Kees Hoekzema wrote: >> -----Original Message----- >> I'm just typing the commands in the telnet session to see whether if >> the real server receives them at all. Doesn't seem to be the case, yet >> there is tcp traffic going al the way. And no, there's no banner, nor >> do I see the data in the tshark log (the TCP Retransmits). > > What happens if you test it, without testing the SMTP server? > If you shut down the SMTP server and run 'nc -p 25 -l' (netcat)
Interesting things happen when I do this: mx-node01:~# nc -p 25 -l client:~# nc 80.1.1.10 25 When I type text in the client nc session, this text shows up on the realserver netcat session. When I type text in the *realserver* netcat session, it *doesn't* show up at the client netcat session. It is as if the data in the tcp session is one-way, e.g. data only goes from client -> server. > in the netcat, you should see in the telnet client. If that works, it seems > like a problem with the mailserver rather than the loadbalancer. Clearly not a mailserver issue then :) > Anyway, I had a similar problem with the IP's from the mailservers not > matching the address they had. mail.domain.net resolved to x.x.x.11, while > mail from the mailserver behind the NAT came from x.x.x.3. I fixed that by > adding: > iptables --table nat --append POSTROUTING --source $mailserverRIP --jump > SNAT --to-source x.x.x.11 > > While I also had: > iptables --table nat --append POSTROUTING --source $internalNetwork --jump > MASQUERADE > > (make sure the DNAT rule is before the MASQ rule) > That solved the problem of mails send from the realservers not having the > same IP. > > I hope that was useful, good luck testing! These rules didn't solve aforementioned issue, but thanks for the input; I'm sure I'll need it later! _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
