Direct server return commands (tc filter) on Nginx blog

Sékine Coulibaly scoulibaly at gmail.com
Thu Jan 18 16:46:49 UTC 2018


Hi,

I'm using this resource (
https://www.nginx.com/blog/ip-transparency-direct-server-return-nginx-plus-transparent-proxy/)
to setup a UDP load balancer, with DSR and Origin NAT.

Everything went fine in the walkthrough until I reached the traffic control
stuff :

tc qdisc add dev eth0 root handle 10: htb
tc filter add dev eth0 parent 10: protocol ip prio 10 u32 match ip src
172.16.0.11 match ip sport 53 action nat egress 172.16.0.11 192.168.99.10

The second command fails with :
Illegal "match"

>From what I can read here (
http://man7.org/linux/man-pages/man8/tc-u32.8.html), the syntax looks
correct though.
Of course I replaced 172.16.0.11 with the actual IP of the upstream I'm
configuring, and 192.168.99.10 with the IP of the host hosting the Nginx.
The interface name is eth0.

I'm running Ubuntu 16.04.02 LTS.

Is the "tc filter" command correct, or am I doing something wrong ?

Thank you

Sekine
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20180118/056ec422/attachment.html>


More information about the nginx mailing list