How can I correctly configure LVS to masquerade/NAT packets from virtual IP to/from clients?

Currently I have:

UDP  10.47.1.80:domain rr
  -> 10.47.1.51:domain            Masq    10     0          5
  -> 10.47.1.52:domain            Masq    10     0          9

Problem I'm seeing:

dig my.test.domain @10.47.1.80
;; reply from unexpected source: 10.47.1.51#53, expected 10.47.1.80#53

I would expect NAT/Masq to rewrite the IP, but apparently the server responds directly to the client.

womble
Jon Skarpeteig

1 Answer

When not setting the director as gateway, I had to enable some additional options:

sysctl -w net.ipv4.ip_forward=1
sysctl -w net.ipv4.vs.conntrack=1
iptables -t nat -A POSTROUTING -j MASQUERADE

Now it works as expected.

Jon Skarpeteig
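An added example, not part of the original answer: a check that the three director settings from the answer are in place, which also flags the MASQUERADE rule when it carries no match criteria. The function names `audit_lvs_nat` and `demo` and the sample state are constructed for illustration.

```shell
#!/bin/sh
# audit_lvs_nat SYSCTL_ROOT NAT_RULES_FILE   (hypothetical helper name)
# On a live director:
#   iptables -t nat -S POSTROUTING > /tmp/nat.rules
#   audit_lvs_nat /proc/sys /tmp/nat.rules
audit_lvs_nat() {
    sysroot=${1:-/proc/sys}
    rules=$2
    rc=0

    # Both sysctls from the answer must read 1. The vs/ directory is absent
    # when the ip_vs module is not loaded, which is reported as "missing".
    for key in net/ipv4/ip_forward net/ipv4/vs/conntrack; do
        val=$(cat "$sysroot/$key" 2>/dev/null || echo missing)
        if [ "$val" != 1 ]; then
            echo "FAIL $key=$val (expected 1)"
            rc=1
        fi
    done

    if ! grep -Eq '^-A POSTROUTING .*-j (MASQUERADE|SNAT)' "$rules"; then
        echo "FAIL no MASQUERADE/SNAT rule in nat POSTROUTING"
        rc=1
    elif grep -Eq '^-A POSTROUTING -j MASQUERADE$' "$rules"; then
        # The rule exactly as typed in the answer has no match criteria.
        echo "WARN unscoped MASQUERADE: applies to every connection leaving the director"
    fi
    return $rc
}

# Constructed sample state (not from the page): conntrack off, no NAT rule.
demo() {
    d=$(mktemp -d) && mkdir -p "$d/net/ipv4/vs"
    echo 1 > "$d/net/ipv4/ip_forward"
    echo 0 > "$d/net/ipv4/vs/conntrack"
    echo '-P POSTROUTING ACCEPT' > "$d/rules"
    audit_lvs_nat "$d" "$d/rules" && status=0 || status=$?
    rm -rf "$d"
    return $status
}
demo || true
```

With the director source-NATing the forwarded queries, the real servers see the director's address as the client, so their query logs and any address-based ACLs no longer reflect the original client IP.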