Hi all, I'm having a somewhat stupid problem I can't get rid of. We've a server that accepts incoming world connections from a load balancer (10.10.10.4) to port 80, and we still want to serve incoming ssh/http from the firewall (10.10.10.1) routed to this host (10.10.10.90), and their reply packets of course shall be sent out through the firewall. Unfortunately, both hosts (the load balancer (LB) and the firewall (FW)) are on the same subnet (10.10.10.0/24) and thus on the same interface (eth0), but I need to find a solution. So, packets sent from the LB shall get their answer through the LB as nexthop of course, as well as incoming packets from the FW shall have response packets sent out to the FW as nexthop, too. But how to realise this?

server: 10.10.10.90 (this is the problem host)
firewall (FW): 10.10.10.1 (we receive (mostly) ssh/https conns from it)
loadbalancer (LB): 10.10.10.4 (we receive http conns from it)

FW and LB are accepting/forwarding and routing connections from the world to our server.

server ~ # ip route list
192.168.0.0/24 dev eth1  proto kernel  scope link  src 192.168.0.90
10.10.10.0/24 dev eth0  proto kernel  scope link  src 10.10.10.90
127.0.0.0/8 dev lo  scope link
default via 10.10.10.1 dev eth0

You see, default traffic is routed through the firewall as the default gateway... but now, we want to have outgoing traffic caused by incoming packets from the load balancer to be routed back through the load balancer itself. I tried several approaches here, like adding custom routing tables and modifying the tables (including main); either I got no answers routed to the FW or no traffic got routed to the LB. Can you please give me a hint on how to find the right way?

Thanks in advance,
Christian Parpart.
_______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
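The usual LARTC answer to the setup described in the post is policy routing keyed on a connection mark: tag connections that arrive via the load balancer when they are first seen, copy that mark onto every reply packet, and let an ip rule send marked packets through a second routing table whose default route is the LB. The script below is an added example, not code from the original post or from the list; it assumes Linux with iproute2 and iptables (the conntrack match and CONNMARK target), the addresses given in the post, and two freely chosen values, routing table 100 and mark 0x1. Because the post says only port 80 comes in through the LB, the destination port is used to recognise LB-originated connections.

```shell
#!/bin/sh
# Added example (not from the original post): make replies to connections that
# arrived through the load balancer leave via the load balancer, while every
# other connection keeps using the firewall (the default gateway in table main).
# Assumptions: Linux with iproute2 and iptables (conntrack + CONNMARK), the
# addresses from the post, and the arbitrarily chosen table 100 / mark 0x1.
set -eu

IFACE=eth0
LB_IP=10.10.10.4
LB_PORT=80        # per the post, only HTTP (port 80) arrives via the LB
LB_TABLE=100      # policy routing table for LB-originated connections (chosen here)
LB_MARK=0x1       # connection/packet mark that selects that table (chosen here)

# Emit the commands as text so the plan can be reviewed first (and so this
# script does nothing without root). Run "sh thisscript.sh apply" to execute.
lb_return_path_commands() {
    cat <<EOF
# 1. New connections arriving on port $LB_PORT (i.e. via the LB) get a conntrack mark.
iptables -t mangle -A PREROUTING -i $IFACE -p tcp --dport $LB_PORT -m conntrack --ctstate NEW -j CONNMARK --set-mark $LB_MARK
# 2. Copy the connection mark onto every locally generated packet, so replies carry it.
iptables -t mangle -A OUTPUT -j CONNMARK --restore-mark
# 3. Second routing table whose only default route points at the LB.
ip route add default via $LB_IP dev $IFACE table $LB_TABLE
# 4. Marked packets consult that table; the kernel re-routes a local packet when mangle/OUTPUT changes its mark.
ip rule add fwmark $LB_MARK lookup $LB_TABLE
EOF
}

# Number of commands that would actually run (comment lines excluded).
lb_return_path_command_count() {
    lb_return_path_commands | grep -vc '^#'
}

if [ "${1:-}" = apply ]; then
    lb_return_path_commands | grep -v '^#' | while IFS= read -r cmd; do
        echo "+ $cmd"
        sh -c "$cmd"
    done
else
    lb_return_path_commands
fi
```

Unmarked traffic never touches table 100, so ssh/https sessions coming from the FW still answer through the FW as before. Check the result with `ip rule show` and `ip route show table 100`; if the LB later forwards other ports as well, widen step 1 (for example by matching the LB's MAC address with `-m mac --mac-source` instead of the destination port) rather than adding a rule per port.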