Hi, kay <kay.diam@xxxxxxxxx> asked: > I have very strange requirement. I need to DNAT (using RAWDNAT) the > already established connection (simple HTTP keepalive) to another > server without TCP session reestablishment. > > For example I have web0 (input gateway), web1 (primary server), web2 > (slave server). SYN/ACK should be processed by web1, but "GET > HTTP/1.1" request should be passed to web2. For this purposes, I > guess, I need to establish fake connections on web2 which should be > the same as on web1. I've already implemented RAWDNAT + RAWSNAT and > SYN/ACK packet goes to web1 and all subsequent packets goes to web2, > but web2 ignores them as it doesn't know about them. Is it possible to > implement my requirement using conntrackd? conntrackd is for synchronizing the connection tracking tables on a redundant pair of NAT gateways, so it's no use to you. I imagine the problem is that the webserver on web2 doesn't know that there's an established connection that it should handle - how could it, without the tcp handshake? Care to elaborate on what you're trying to achieve (vs. what you're tyring to do ;-))? Cheers, Thomas -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
