On Mon, 20 Oct 2008, Sebastien COUPPEY wrote: >> does your ipsec tunnel work to a demon listening on the VIP >> on the director (ie with ipvsadm output empty)? > > yes for incoming connection, then everything is managed by the > kernel netkey layer and the kernel policy match.
summarising... o you can set up your director box, without LVS activated, and have an httpd listening on VIP:80 and a client can fetch webpages from the director box over the ipsec connection and o without ipsec and with LVS activated on the director and an httpd listening on VIP:80 on a couple of realservers, the client sees a working load balancer. but o when you put ipsec and lvs together, it doesn't go? If this is correct, I'm stumped. The next approach might be to do tcpdumps to see what's happening. Joe -- Joseph Mack NA3T EME(B,D), FM05lw North Carolina jmack (at) wm7d (dot) net - azimuthal equidistant map generator at http://www.wm7d.net/azproj.shtml Homepage http://www.austintek.com/ It's GNU/Linux! _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
