From mboxrd@z Thu Jan 1 00:00:00 1970 From: =?UTF-8?B?VMOzdGggTsOhbmRvcg==?= Date: Wed, 16 Feb 2005 12:28:46 +0000 Subject: Re: [LARTC] Load Balancer setting for Public Servers Message-Id: <42133C7E.2080902@sch.bme.hu> List-Id: References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org Hi! Sureerat P. (EQHO) wrote: > Hello, > > I have finished setting up the load balancer with IPROUTE ... also patch > the kernel to support DGD and now it's working fine with the valuable > guide at LARTC website, Julian Anastasov, and the kind people in this > mailing list. Now I would like to launch a web server and a ftp server > to the public but I'm stuck into a problem and really need your help. I had a very similar setup, and everything worked. > Currently internal users can access internet and loadbalancing feature > is working well, but users in external network can't access my servers. > Please someone help investigate my config and suggest me what is wrong > or missing. Thank you very much. I suggest you to run tcpdump on the firewalls interfaces to track the packets. This way you can nail the problem. > iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -j MASQUERADE I think the problem may be here. You should use SNAT like me: $IPTABLES -t nat -A POSTROUTING -o $EXTERNAL_INTERFACE -j SNAT --to-source $EXTERNAL_IP_ADDR $IPTABLES -t nat -A POSTROUTING -o $EXTERNAL_INTERFACE2 -j SNAT --to-source $EXTERNAL_IP_ADDR2 -- Udv, Nandor _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/