Re: [squid-users] squid, iptables and virtual server addresses

From: Robin Stevens <robin.stevens@dont-contact.us>
Date: Tue, 19 Jun 2001 17:49:45 +0100

On Mon, Jun 18, 2001 at 10:11:28PM +0200, Henrik Nordstrom wrote:
> Robin Stevens wrote:
> > Requests to wwwcache.ox.ac.uk 8080 are handled fine by our existing
> > Solaris 8/ipfilter and Linux 2.2/ipchains servers. However, under
> > Linux 2.4 they don't work, although intercepted traffic is working
> > fine.
> Hmm.. iptables REDIRECT does not mess with the client port (only the
> server address,port), which makes me believe that your "L4 switch" is
> doing something odd here for the traffic addressed to the virtual
> address. Is it possible that return traffic is routed differently in the
> new box compared to the old ones?

That is indeed the answer. I later realised that it could only be the L4
switch performing the NAT magic. We'd temporarily plugged the machines in
elsewhere on the subnet rather than directly into the L4 switch - changing
the connections cures the problems. Thanks!

        Robin

-- 
--------------- Robin Stevens  <robin.stevens@oucs.ox.ac.uk> -----------------
Oxford University Computing Services ----------- Web: http://www.cynic.org.uk/
------- (+44)(0)1865: 273212 (work) 273275 (fax)  Mobile: 07776 235326 -------
Received on Tue Jun 19 2001 - 10:49:48 MDT
