Load Balancing
Nathaniel Hall
halln at otc.edu
Tue Nov 16 16:52:33 UTC 2004
I am working on creating a firewall to do load balancing between two or
more LDAP servers. I am using Fedora Core 2 as my firewall with two
physical NICs. I have tried several different combinations of rules,
but I cannot get it to work correctly. Here is what is going wrong:
LDAP request goes to 172.16.0.63/24 on eth1
Request is routed to interface on same network (eth0) and destination
address is correctly changed to a random system to be load balanced
(i.e. 172.16.0.60).
Once there is an answer for LDAP, the answer goes directly to the
requesting machine, not the firewall that routed it.
Here is what I am using so far:
-A PREROUTING -d 172.16.0.63 -j DNAT --to-destination 172.16.0.60-172.16.0.61
-A POSTROUTING -s 192.168.0.0/255.255.255.0 -o eth1 -j MASQUERADE
-A POSTROUTING -s 172.16.0.0/255.255.252.0 -o eth1 -j MASQUERADE
I know this is a very easy problem to fix, but I apparently am losing my
mind and cannot think.
--
Nathaniel Hall, GSEC
Intrusion Detection and Firewall Technician
Ozarks Technical Community College -- Office of Computer Networking
halln at otc.edu
417-799-0552
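
The reply path described in the message, as an added Python model that is not part of the original post and is not netfilter code: it follows one LDAP request through the DNAT rule and shows why a client on the same network as the servers rejects the answer unless the firewall also rewrites the source address. The firewall address 172.16.0.62, the client addresses, and the premise that the firewall is the servers' default gateway are assumptions.

```python
import ipaddress

LAN = ipaddress.ip_network("172.16.0.0/24")  # network from the post
VIP = "172.16.0.63"       # address clients connect to (from the post)
BACKEND = "172.16.0.60"   # one of the DNAT targets (from the post)
FW_ETH0 = "172.16.0.62"   # constructed: firewall's address on the server-facing NIC

# snat=True corresponds to masquerading on the interface that faces the servers
# (eth0 in the post), written in the post's own rule format:
#   -A POSTROUTING -s 172.16.0.0/255.255.252.0 -o eth0 -j MASQUERADE

def translate_request(client, snat):
    """What the firewall does to the request; returns (packet, conntrack entry)."""
    src = FW_ETH0 if snat else client      # POSTROUTING source NAT, if enabled
    packet = {"src": src, "dst": BACKEND}  # PREROUTING DNAT: VIP -> backend
    conntrack = {"orig_src": client, "orig_dst": VIP}
    return packet, conntrack

def reply_path(client, snat):
    """Follow the backend's reply and report what the client receives."""
    request, conntrack = translate_request(client, snat)
    reply = {"src": request["dst"], "dst": request["src"]}
    # On-link destinations are delivered directly; anything else goes to the
    # default gateway, assumed here to be the firewall.
    direct = ipaddress.ip_address(reply["dst"]) in LAN and reply["dst"] != FW_ETH0
    if direct:
        seen_src = reply["src"]           # firewall never sees it, nothing is un-NATed
    else:
        seen_src = conntrack["orig_dst"]  # firewall reverses the DNAT: source is the VIP
    return {"via_firewall": not direct, "client_sees_src": seen_src,
            "accepted": seen_src == VIP}  # client only matches replies from the VIP

if __name__ == "__main__":
    # Constructed sample clients: one on the server LAN, one on 192.168.0.0/24.
    for client, snat in [("172.16.0.10", False), ("172.16.0.10", True),
                         ("192.168.0.5", False)]:
        print(client, "snat" if snat else "no-snat", reply_path(client, snat))
```

With source NAT on the server-facing interface, the LDAP servers log the firewall's address instead of the real client's, which matters for access control and audit trails that key on source IP.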