Persistence through a firewall
kenneth graham
poken77 at hotmail.com
Fri Jul 22 18:53:01 UTC 2005
Hi guys,
I have a serious problem with my LVS...
here is my configuration:
1 firewall with ip:192.168.4.1
1 loadbalancer with RIP: 192.168.4.20 and VIP:192.168.4.21
3 real servesr with address 192.168.5.1 192.168.5.2 192.168.5.3
(the three real server support PERSISTENCE for the http request)
my problem is that I want to do persistence, but after the client connect
through the firewall, the load balancer sees always the same source IP
address : 192.168.4.1 (IP from the firewall)
so teh load balancer send all of the connections the same real server
>ipvsadm -l -c
pro expire state source virtual destination
TCP 14:54 ESTABLISHED 192.168.4.1:1847 192.168.4.21:http
192.168.5.59:http
TCP 14:54 ESTABLISHED 192.168.4.1:2203 192.168.4.21:http
192.168.5.59:http
TCP 14:54 ESTABLISHED 192.168.4.1:1890 192.168.4.21:http
192.168.5.59:http
TCP 14:54 ESTABLISHED 192.168.4.1:3302 192.168.4.21:http
192.168.5.59:http
is there something in the ipvs that i need to change?
p.s. the problem is not the firewall because another computer behind the
firewall is able to see the real IP from the client. the iptables on the
loadbalancer is desactivated.
thanks in advance for your help and time.
More information about the Piranha-list
mailing list