Hi everyone, I don't know if I'm at the best place to answer my question, and I don't know how to describe it briefly in subject. If I'm at the wrong place, please let me know where to post instead. Thank you. I use LVS load balancer configured in Direct-Routing mode. When one of my Real Servers tries to reach my Virtual IP (managed by LVS) and that backend server chosen by LVS is itself, this server receives a packet with : - its own eth0 address in source, but with hardware address of LVS - VIP address in destination, with its eth0 hardware address I think kernel filters packets like this because of incoming address, being a local address. So "accept_local" parameter in kernel seems to be there for this. But if I set it, I need to set rp_filter != 0 also. And the problem is that packet is also filtered with this configuration as suspected spoofing. How to handle such packets ? Is there a way to do this ? Thank you a lot. Florent -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
