All,
Lets say hypothetically I have a director with two vips. The vips represent different services, different areas of responsibility, etc. This isn't my actual case, but as an example, they could be a front-end web-server and a back-end database server. But one director for both sets of realservers. For this simple example, lets say that I currently only have one realserver for each virtual-server/vip. I'm doing LVS/NAT. I would like to have the web-server connect to the vip representing the database virtual server and have the connection work. I'm also doing an SNAT rule for each virtual server on the director to ensure that outbound traffic from the realservers appear to come from the vip of the virtualserver. It doesn't work of course. Or I wouldn't be asking - how can I make this work? Ideally, if I could do a PREROUTING SNAT rule, I think I could make it work, but iptables says 'no' to that. I'm wondering if I could do some kind of SNAT POSTROUTING rule on the realservers to do something special, or if there is a better/different way. As an analog to LVS, I set up for individual realservers and two vips a pair of symetric SNAT/DNAT rules for each realserver, and then was able to make this work. I'm not sure where in the packet-processing stream for outbound packets LVS picks the packets back up, or if it does at all. So, does my question make sense? I would like realservers for one vip to make connections to the vip of another virtual server on the same director. Anyone know how? Fred Clift -- Fred Clift MCS Team Architect 801-437-7471 Verio, and NTT Communications Company This email message is intended for the use of the person to whom it has been sent, and may contain information that is confidential or legally protected. If you are not the intended recipient or have received this message in error, you are not authorized to copy, distribute, or otherwise use this message or its attachments. Please notify the sender immediately by return e-mail and permanently delete this message and any attachments. Verio, Inc. makes no warranty that this email is error or virus free. Thank you. _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org Send requests to lvs-users-requ...@linuxvirtualserver.org or go to http://lists.graemef.net/mailman/listinfo/lvs-users
