Re: dst nat failover only while port is closed


 



On 13 March 2015 at 04:15, Stefan Certic <stefan@xxxxxxxxxxxxxxx> wrote:
> Hello World :)
>
> I am interested in the following scenario with iptables (if such is possible).
>
> Setup:
>
> 1. Ext Firewall nats port Z to server A.
> 2. Application X listens on port Z of server A
> 3. It happens that application X crashes for a couple of seconds and
> gets restarted by monit.
>
> Question:
>
> Is it possible to perform NAT on server A itself, to server B, that
> will take place only until the application is restarted (only while no one
> is listening on port Z), otherwise expose port Z back to the
> application?
>
> Reason:
>
> The idea is to provide a failover, uninterrupted service even when app
> crash occurs.

I think this is what LVS does.

You can configure a load balancer which listens on a virtual address.
Then, you have several real servers in the backend. The LVS can do
health checks and deliver connections to real servers in the backend if
they are alive.

Your "firewall --> server A --> server B" architecture seems very weird.

best regards.

-- 
Arturo Borrero González
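
The health-check-then-deliver logic described in the reply, applied to the crash-and-restart scenario from the question, as an added example that is not part of the original thread and is not LVS code. The function names and the loopback listeners standing in for server A and server B are constructed for illustration.

```python
import socket

def is_alive(host, port, timeout=0.5):
    """TCP-connect health check: True if something accepts on host:port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, unreachable or timed out
        return False

def pick_real_server(real_servers, timeout=0.5):
    """Return the first (host, port), in priority order, that passes the check."""
    for host, port in real_servers:
        if is_alive(host, port, timeout):
            return (host, port)
    return None  # no backend is alive

def listen_on(port=0):
    """Constructed stand-in for an application listening on loopback."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    s.bind(("127.0.0.1", port))
    s.listen()
    return s

def simulate_crash_and_restart():
    """Server A is preferred; server B receives traffic only while A is down."""
    app_a, app_b = listen_on(), listen_on()
    pool = [app_a.getsockname(), app_b.getsockname()]  # priority: A, then B
    label = {pool[0]: "A", pool[1]: "B"}
    chosen = [label[pick_real_server(pool)]]       # application X is running
    app_a.close()                                  # application X crashes
    chosen.append(label[pick_real_server(pool)])   # port closed: fail over to B
    app_a = listen_on(pool[0][1])                  # monit restarts application X
    chosen.append(label[pick_real_server(pool)])   # traffic returns to A
    app_a.close()
    app_b.close()
    return chosen

if __name__ == "__main__":
    print(simulate_crash_and_restart())
```
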