Section 8.4:FTP In an LVS Cluster
131
In the above network packet filter commands, n.n.n should be replaced with the first three values for
the floating IP for the NAT interface’s internal network interface defined in the
GLOBAL SETTINGS
panel of
Piranha Configuration Tool
. These commands allow the LVS router to accept outgoing
connections from the real servers that IPVS does not know about.
Rules for Passive Connections
The rules for passive connections assign the appropriate firewall mark to connections coming in from
the Internet to the floating IP for the service on a wide range of ports — 10,000 to 20,000.
WARNING
If you are limiting the port range for passive connections, you must also
configure the FTP server to use a matching port range. This can be ac-
complished under Red Hat Linux by adding the following line to the end
of
/etc/ftpaccess
:
passive ports 0.0.0.0/0 10000 20000
For other FTP servers, consult the documetation.
This range should be a wide enough for most situations; however, you can increase this number
to include all available non-secured ports by changing
10000:20000
in the commands below to
1024:65535
.
iptables
/sbin/iptables -t mangle -A PREROUTING -p tcp \
-d
n.n.n.n
/32
\
--dport 21 -j MARK --set-mark 21
/sbin/iptables -t mangle -A PREROUTING -p tcp \
-d
n.n.n.n
/32 \
--dport 10000:20000 -j MARK --set-mark 21
ipchains
/sbin/ipchains -A input -p tcp -d
n.n.n.n
/32 21 -m 21
/sbin/ipchains -A input -p tcp -d
n.n.n.n
/32 \
10000:20000 -m 21
In the above network packet filter commands, n.n.n.n should be replaced with the floating IP for
the FTP virtual server defined in the
VIRTUAL SERVER
subsection of
Piranha Configuration Tool
.
These commands have the net effect of assigning any traffic addressed to the floating IP on the appro-
priate ports a firewall mark of 21, which is in turn recognized by IPVS and forwarded appropriately.
Summary of Contents for ENTERPRISE LINUX AS 2.1 -
Page 1: ...Red Hat Enterprise Linux AS 2 1 The Official Red Hat Enterprise Linux AS Installation Guide ...
Page 8: ...viii ...
Page 14: ...xiv Introduction ...
Page 15: ...Part I Installing Red Hat Enterprise Linux AS ...
Page 16: ......
Page 26: ...26 Chapter 1 Steps to Get You Started ...
Page 30: ...30 Chapter 2 System Requirements Table ...
Page 80: ...80 Chapter 3 Installing Red Hat Enterprise Linux AS ...
Page 94: ...94 Chapter 4 Installing Red Hat Enterprise Linux AS via Text Mode ...
Page 95: ...Part II Configuring Red Hat Enterprise Linux AS ...
Page 96: ......
Page 100: ...100 Chapter 5 Introduction ...
Page 114: ...114 Chapter 6 Linux Virtual Server Overview ...
Page 153: ...Part III Appendixes ...
Page 154: ......
Page 156: ...156 Appendix A Additional Resources for LVS Clustering ...
Page 160: ...160 Appendix B A Sample etc sysconfig ha lvs cf File ...
Page 162: ...162 Appendix C Removing Red Hat Linux ...
Page 168: ...168 Appendix D Getting Technical Support ...
Page 178: ...178 Appendix E Troubleshooting Your Installation of Red Hat Enterprise Linux AS ...