On 02.04.2015 06:22, Dmitry Melekhov wrote: > 02.04.2015 01:58, Pascal Hambourg пишет: >> Dmitry Melekhov a écrit : >>> I'm trying to do DNAT/SNAT on the same host with connmark and can't get >>> it working. >>> >>> My host has static ip 192.168.22.252 and it can get address >>> 192.168.22.99 from VRRP, so bind doesn't listen on 192.168.22.99, >> Why not ? > > because there is no such address on interface, it becomes available only > at VRRP state change to master :-) Have you tried using /proc/sys/net/ipv4/ip_nonlocal_bind? Then you could bind to that address even if it isn't configured yet. Regards, Dennis -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
