Installation guide
Chapter 8. Initial LVS Configuration 101
You can also allow specific hosts or subnets as seen in this example:
Order deny,allow
Deny from all
Allow from 192.168.1.100
Allow from 172.16.57
In this example, only Web browsers from the machine with the IP address of 192.168.1.100
and machines on the 172.16.57/24 network can access the Piranha Configuration Tool.
Caution
Editing the Piranha Configuration Tool .htaccess file limits access to the configura-
tion pages in the /etc/sysconfig/ha/web/secure/ directory but not to the login and
the help pages in /etc/sysconfig/ha/web/. To limit access to this directory, create a
.htaccess file in the /etc/sysconfig/ha/web/ directory with order, allow, and deny
lines identical to /etc/sysconfig/ha/web/secure/.htaccess.
8.5. Turning on Packet Forwarding
In order for the LVS router to forward network packets properly to the real servers, each
LVS router node must have IP forwarding turned on in the kernel. Log in as root and
change the line which reads net.ipv4.ip_forward = 0 in /etc/sysctl.conf to the
following:
net.ipv4.ip_forward = 1
The changes take effect when you reboot the system.
To check if IP forwarding is turned on, issue the following command as root:
/sbin/sysctl net.ipv4.ip_forward
If the above command returns a 1, then IP forwarding is enabled. If it returns a 0, then you
can turn it on manually using the following command:
/sbin/sysctl -w net.ipv4.ip_forward=1