[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-virtual-server
Subject: Re: [lvs-users] fallthrough to director IP when no ipvs forwarding
From: Jay Faulkner <jay.faulkner () mailtrust ! com>
Date: 2010-05-11 22:16:49
Message-ID: B660A320A6728242B27531C8169AA68F7C7903963F () 34093-MBX-DF01 ! mex07a ! mlsrvr ! com
[Download RAW message or body]
> -----Original Message-----
> From: lvs-users-bounces@linuxvirtualserver.org [mailto:lvs-users-
> bounces@linuxvirtualserver.org] On Behalf Of Fred Clift
> Sent: Tuesday, May 11, 2010 5:23 PM
> To: LinuxVirtualServer.org users mailing list.
> Subject: [lvs-users] fallthrough to director IP when no ipvs forwarding
> rule exists?
>
> So I've noticed that if I connect to a tcp port on a VIP that has no
> ipvs rules defined for forwarding, I 'fall through' to any potential
> listening service on my director.
>
> Is this expected behavior? How can I get rid of it?
>
Try:
Iptables -A INPUT -d 1.1.1.1 -p tcp -m multiport --dport \
comma,delimited,list,of,loadbalanced,ports -j ACCEPT iptables -A INPUT -d 1.1.1.1 -j \
REJECT
Simple firewalling solves your problems :)
--
Jason Faulkner
Linux Engineer, Rackspace Email & Apps
jason.faulkner@rackspace.com
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to lvs-users-request@LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic