netstat -L provides a result of invalid option — ‘L’ are you sure that the commands are netstat and not iptables. Iptables returns the following
iptables -L -t nat Chain PREROUTING (policy ACCEPT) target prot opt source destination DNAT tcp -- anywhere anywhere mark match 0x200 recent: SET name: _mail_0x200_sessions side: source /* FARM_mail_0_ */ to:2.2.2.4 Chain POSTROUTING (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination iptables -L -t mangle Chain PREROUTING (policy ACCEPT) target prot opt source destination MARK tcp -- anywhere 1.1.1.1 statistic mode random probability 1.000000 multiport dports imap2,imaps,pop3,pop3s,smtp,ssmtp,submission,6099 /* FARM_mail_0_ */ MARK set 0x200 MARK tcp -- anywhere 1.1.1.1 recent: CHECK seconds: 120 name: _mail_0x200_sessions side: source multiport dports imap2,imaps,pop3,pop3s,smtp,ssmtp,submission,6099 /* FARM_mail_0_ */ MARK set 0x200 Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination On Aug 28, 2014, at 2:05 AM, Laura Garcia <nev...@gmail.com> wrote: > Hi Jon, could you please to paste the output of the following commands? > > netstat -L -t nat > netstat -L -t mangle > > Additionally, which version are you using? > > Regards > > > > On Wed, Aug 27, 2014 at 8:13 PM, Jon Hoffart <jon.hoff...@medoraco.com> wrote: > Alright here is what I have setup > > 1 L4xNAT farm with ip of 1.1.1.1 > protocol type tcp > nat type DNAT > load balance algorithm Weight > persistence mode IP persictence > > 3 backend servers on a separate subnet > 2.2.2.1 > 2.2.2.2 > 2.2.2.3 > > gateways on these are set to 2.2.2.4 which is a second interface on my load > balancer. > > so something like this Client 1.1.1.100/21 —> ZEN 1.1.1.102/21 —> Server > 2.2.2.1/29 > > > On Aug 27, 2014, at 10:22 AM, Gruber Alexander <alexander.gru...@az-druck.de> > wrote: > > > Hi, > > > > we need a lite bit more information. > > > > Backendservers on a different network/sub network?Like this? > > > > Client --192.168.0.0/24 --> ZEN -- 192.168.1.0/24 --> Server > > > >> Am 27.08.2014 um 18:00 schrieb "Jon Hoffart" <jon.hoff...@medoraco.com>: > >> > >> Hello, > >> I currently have a L4xNAT farm setup to balance my mail servers. I am > >> trying to use DNAT so I can identify were traffic is coming from, as NAT > >> shows all traffic coming from the load balancer and not its original > >> source. My issue with DNAT is that when I set the farm to use it I am > >> unable to send or receive mail. I also tried running a port scan on the > >> farms IP with DNAT enabled and it doesn’t return any open ports. Any ideas > >> on what my cause an issue like this? > >> > >> Yes my backend servers have their gateway set to that of the load balancer. > >> > >> > >> > >> This e-mail and any attachments may contain confidential material that may > >> not be disclosed, copied or distributed. If you are not the intended > >> recipient(s), please contact the sender and delete all copies. > >> > >> ------------------------------------------------------------------------------ > >> Slashdot TV. > >> Video for Nerds. Stuff that matters. > >> http://tv.slashdot.org/ > >> _______________________________________________ > >> Zenloadbalancer-support mailing list > >> Zenloadbalancer-support@lists.sourceforge.net > >> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support > > > > ------------------------------------------------------------------------------ > > Slashdot TV. > > Video for Nerds. Stuff that matters. > > http://tv.slashdot.org/ > > _______________________________________________ > > Zenloadbalancer-support mailing list > > Zenloadbalancer-support@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support > > > This e-mail and any attachments may contain confidential material that may > not be disclosed, copied or distributed. If you are not the intended > recipient(s), please contact the sender and delete all copies. > > ------------------------------------------------------------------------------ > Slashdot TV. > Video for Nerds. Stuff that matters. > http://tv.slashdot.org/ > _______________________________________________ > Zenloadbalancer-support mailing list > Zenloadbalancer-support@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support > > ------------------------------------------------------------------------------ > Slashdot TV. > Video for Nerds. Stuff that matters. > http://tv.slashdot.org/_______________________________________________ > Zenloadbalancer-support mailing list > Zenloadbalancer-support@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support This e-mail and any attachments may contain confidential material that may not be disclosed, copied or distributed. If you are not the intended recipient(s), please contact the sender and delete all copies. ------------------------------------------------------------------------------ Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/ _______________________________________________ Zenloadbalancer-support mailing list Zenloadbalancer-support@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
