On Sa, 2006-02-25 at 00:23 +0530, Raj Mathur wrote: > >>>>> "Sebastian" == Sebastian Bork <sebi@xxxxxxxx> writes: > Sebastian> I use exactly the same setup with a customer's > Sebastian> conenction, the only difference: I use MASQUERADE > Sebastian> instead of SNAT. I did not see anything like the > Sebastian> problem you describe. Maybe because MAQUERADE works > Sebastian> stateful, SNAT not? If you do not have a special reason > Sebastian> for using SNAT, I think you should try MASQUERADE. If > Sebastian> your problem persits, please tell me, as I have to look > Sebastian> at my customer's setup very closely then, to catch this > Sebastian> before anyone complains. > > Well, both MASQUERADE and SNAT are stateful (MASQUERADE is just a > special case of SNAT as far as I remember); however it's worth a shot > if it's working for you. > > It's pretty easy to trap the wrong source IP errors -- going back to > my example, just run: Done. It happens here, too. But now it gets really strange: the data (I tried scp) goes out on IF1 with IF2's source address. The ACK packets come in on IF2. The connection works anyway ... *That's* what I'd call really cool load-balancing. _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
