Direct server return commands (tc filter) on Nginx blog

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Direct server return commands (tc filter) on Nginx blog

Sékine Coulibaly
Hi,

I'm using this resource (https://www.nginx.com/blog/ip-transparency-direct-server-return-nginx-plus-transparent-proxy/) to setup a UDP load balancer, with DSR and Origin NAT.

Everything went fine in the walkthrough until I reached the traffic control stuff :

tc qdisc add dev eth0 root handle 10: htb
tc filter add dev eth0 parent 10: protocol ip prio 10 u32 match ip src 172.16.0.11 match ip sport 53 action nat egress 172.16.0.11 192.168.99.10

The second command fails with :
Illegal "match"

From what I can read here (http://man7.org/linux/man-pages/man8/tc-u32.8.html), the syntax looks correct though.
Of course I replaced 172.16.0.11 with the actual IP of the upstream I'm configuring, and 192.168.99.10 with the IP of the host hosting the Nginx. The interface name is eth0.

I'm running Ubuntu 16.04.02 LTS.

Is the "tc filter" command correct, or am I doing something wrong ?

Thank you

Sekine

_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx