Youpi ;-)
That's work fine !
Thanks.
-- Laurent GARNIER > -----Message d'origine----- > De : owner-lb-l@vegan.net [mailto:owner-lb-l@vegan.net]De la part de > Giles Scott > Envoye : jeudi 10 mars 2005 16:13 > A : lb-l@vegan.net > Objet : RE: [load balancing] Alteon AD2 SLB + NAT problem > > > Hi, > > Server processing happens before filtering so you need to add a filter > to allow traffic on the server ports for VIP address. > > Cheers > > Giles > > -----Original Message----- > From: owner-lb-l@vegan.net [mailto:owner-lb-l@vegan.net] On Behalf Of > Laurent GARNIER > Sent: Thursday, March 10, 2005 11:56 AM > To: lb-l@vegan.net > Subject: [load balancing] Alteon AD2 SLB + NAT problem > > Hello, > > I have an old unused Alteon AD2 w/ WebOS 8.0.49 installed (yes i know, > it's > very very old ;-) ). > > I want to load balance income SMTP traffic with a VIP pseudo-public > addresse > (10.x.x.x) between 2 or 3 private adressing SMTP server (192.x.x.x). > > This works fine. > > After this, I add NAT in order to permit my private adressing SMTP > server to > access the Internet (192.168.100.1 nated to 10.234.145.13). Direct > access to > and from internet work fine on my SMTP server but acces with VIP doesn't > work ! > > Here is the slb configuration : > ------------------------------------------------------------------------ > ---- > ---- > Current Layer 4 settings: > ON, direct enabled, matrix disabled, grace disabled > imask 255.255.255.255, pmask 255.255.255.255 > mnet 0.0.0.0, mmask 255.255.255.255 > > Current health scripts settings: > > Current real servers settings: > 1: 192.168.100.1, enabled, name steven2, weight 1, tmout 10, maxcon > 200000 > backup none, inter 60, retry 4, restr 1 > remote disabled, proxy enabled, submac disabled > real ports: > smtp: vport smtp, group 1 > virtual server: 1, 10.234.145.9, enabled > > Current virtual servers settings: > 1: 212.234.145.9, enabled > virtual ports: > smtp: rport smtp, group 1, frags > real servers: > 1: 192.168.100.1, weight 1, enabled, backup none > > Current filters: > 5: enabled, invert disabled > sip 192.168.100.0 255.255.255.0, dip 192.168.100.0 255.255.255.0 > proto any > action allow > log disabled, cache enabled > ack disabled > option disabled, tos 0 0 0 > 8: enabled, invert disabled > sip any, dip 10.234.145.9 255.255.255.255 > proto tcp, sport any, dport smtp > action allow > log disabled, cache enabled > ack disabled > option disabled, tos 0 0 0 > tcp no flags enabled > 10: enabled, invert disabled > sip 192.168.100.1 255.255.255.255, dip 10.234.145.13 255.255.255.255 > proto any > action nat, nat source > log disabled, cache enabled, proxy disabled, tmout 4 > ack disabled > option disabled, tos 0 0 0 > 11: enabled, invert disabled > sip 192.168.100.1 255.255.255.255, dip 10.234.145.13 255.255.255.255 > proto any > action nat, nat dest > log disabled, cache enabled, proxy disabled, tmout 4 > ack disabled > option disabled, tos 0 0 0 > > Current port settings: > 1: client disabled, server disabled, hotstan disabled, intersw > disabled > proxy disabled, 0.0.0.0 > filt enabled, filters: 5 10 > 2: client disabled, server enabled, hotstan disabled, intersw > disabled > proxy disabled, 0.0.0.0 > filt disabled, filters: empty > 3: client disabled, server enabled, hotstan disabled, intersw > disabled > proxy disabled, 0.0.0.0 > filt disabled, filters: empty > 4: client disabled, server disabled, hotstan disabled, intersw > disabled > proxy disabled, 0.0.0.0 > filt enabled, filters: 8 11 > 5: client disabled, server disabled, hotstan disabled, intersw > disabled > proxy disabled, 0.0.0.0 > filt disabled, filters: empty > 6: client disabled, server disabled, hotstan disabled, intersw > disabled > proxy disabled, 0.0.0.0 > filt disabled, filters: empty > 7: client disabled, server disabled, hotstan disabled, intersw > disabled > proxy disabled, 0.0.0.0 > filt disabled, filters: empty > 8: client disabled, server disabled, hotstan disabled, intersw > disabled > proxy disabled, 0.0.0.0 > filt disabled, filters: empty > > Current Global SLB settings: > OFF, dns enabled, ttl 60, local disabled, one disabled, alway disabled > http enabled, usern disabled, mincon 1024, inter 1, weight 1, geo > enabled > > Current remote site settings: > > Current Lookup settings: > lookups disabled, dname none > > Current internet network preference settings: > > Current sync settings: > filt enabled, ports enabled, prios enabled, pips disabled > > Current peer switch settings: > ------------------------------------------------------------------------ > ---- > ---- > > Is this due to a limitation of the old WebOs used or a configuration > mistake > ? > > -- > Laurent GARNIER > Ingenieur reseaux et securite > Groupe CIBF - Safety Host - Alfa.nwt > Tel : +33 (0)2 51 84 90 40 > > > ____________________ > The Load Balancing Mailing List > Unsubscribe: mailto:majordomo@vegan.net?body=unsubscribe%20lb-l > Archive: http://vegan.net/lb/archive > LBDigest: http://lbdigest.com > MRTG with SLB: http://vegan.net/MRTG > Hosted by: http://www.tokkisystems.com > > > > > ____________________ > The Load Balancing Mailing List > Unsubscribe: mailto:majordomo@vegan.net?body=unsubscribe%20lb-l > Archive: http://vegan.net/lb/archive > LBDigest: http://lbdigest.com > MRTG with SLB: http://vegan.net/MRTG > Hosted by: http://www.tokkisystems.com > > ____________________ The Load Balancing Mailing List Unsubscribe: mailto:majordomo@vegan.net?body=unsubscribe%20lb-l Archive: http://vegan.net/lb/archive LBDigest: http://lbdigest.com MRTG with SLB: http://vegan.net/MRTG Hosted by: http://www.tokkisystems.comReceived on Fri Mar 11 10:55:02 2005
This archive was generated by hypermail 2.1.8 : Fri Mar 11 2005 - 11:19:35 EST