On Wed, September 17, 2008 12:22, Josh Mullis wrote:
> I actually expected to see some different rules than what I have.
> Not sure what I need to add.
>
> Here are my current tables.
> (Spaces replaced with -'s for formatting)
>
> iptables -L

Try iptables-save to see *all* the tables (in an incompatible format).

I'm still struggling with my own setup (with similar goals and constraints, xen + lvs NAT), but once I got packets directed in, they came back out okay. The default route on each of the realserver "systems" (quotes to remind us that they may be xen guests not physical systems) needs to be set to the private net virtual IP of the LVS system -- I've deleted enough reading up to here that I can't now go back and check if you have that set right.

And the LVS NAT works *only* for packets routed in by the LVS; the realservers can't initiate outgoing connections beyond the private LAN (unless you turn on ordinary NAT on the LVS, which is not the same thing as LVS NAT).

-- 
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera: http://dragaera.info
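The two checks described in the reply above, as an added example that is not part of the original message: one confirms a realserver's only default route points at the director's private address, the other reads `iptables-save` output to see whether the director also does ordinary NAT. The function names and the 10.0.0.x addresses are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample data (assumptions, not from the thread):
# 10.0.0.1 is the director's private-net virtual IP, 10.0.0.0/24 the private LAN.
SAMPLE_ROUTES_OK='10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.11
default via 10.0.0.1 dev eth0'
SAMPLE_ROUTES_BAD='10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.11
default via 10.0.0.254 dev eth0'
SAMPLE_SAVE_PLAIN_NAT='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 10.0.0.0/24 -o eth1 -j MASQUERADE
COMMIT
*filter
:FORWARD ACCEPT [0:0]
COMMIT'
SAMPLE_SAVE_NO_NAT='*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -o eth1 -j MASQUERADE-LOOKALIKE
COMMIT'

# Print the gateway of every default route in `ip -4 route show` output (stdin).
default_gw() {
    awk '$1 == "default" { for (i = 2; i < NF; i++) if ($i == "via") print $(i + 1) }'
}

# Realserver side: succeed only if there is exactly one distinct default
# gateway and it is the expected director address ($1).
check_realserver_route() {
    gws=$(default_gw | sort -u)
    [ -n "$gws" ] && [ "$gws" = "$1" ]
}

# Director side: succeed if the nat table in `iptables-save` output (stdin)
# has a POSTROUTING rule with a MASQUERADE or SNAT target, i.e. ordinary NAT
# that lets realservers open outbound connections themselves.
director_has_plain_nat() {
    awk '
        /^\*/ { table = substr($0, 2) }   # "*nat", "*filter": start of a table
        table == "nat" && /^-A POSTROUTING / && / -j (MASQUERADE|SNAT)( |$)/ { found = 1 }
        END { exit (found ? 0 : 1) }
    '
}

# On real hosts:
#   ip -4 route show | check_realserver_route 10.0.0.1 && echo "route ok"
#   iptables-save | director_has_plain_nat && echo "ordinary NAT present"
```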
