@pcarrier
Last active December 17, 2015 22:59
# Setup
sudo ipvsadm -C
sudo ipvsadm -R <<EOF
-A -t 169.254.254.1:80
-a -t 169.254.254.1:80 -r 173.194.41.131:80 -m
EOF
# Add a host
sudo ipvsadm -R <<EOF
-a -t 169.254.254.1:80 -r 173.194.41.132:80 -m
EOF
# Remove a host
sudo ipvsadm -R <<EOF
-d -t 169.254.254.1:80 -r 173.194.41.131:80
EOF
# Read list of services and hosts
sudo ipvsadm -Sn
--- Notes from original attempt ---
# ip a s dev lo
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet 127.0.0.2/32 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
# sysctl net.ipv4.ip_forward net.ipv4.vs.conntrack
net.ipv4.ip_forward = 1
net.ipv4.vs.conntrack = 1
# iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
# iptables -S -t nat
-P PREROUTING ACCEPT
-P INPUT ACCEPT
-P OUTPUT ACCEPT
-P POSTROUTING ACCEPT
-A POSTROUTING -j MASQUERADE
# ipvsadm -Sn
-A -t 127.0.0.1:80 -s wlc
-a -t 127.0.0.1:80 -r 173.194.41.131:80 -m -w 1
-a -t 127.0.0.1:80 -r 173.194.41.132:80 -m -w 1
-a -t 127.0.0.1:80 -r 173.194.41.133:80 -m -w 1
-A -t 127.0.0.2:80 -s wlc
-a -t 127.0.0.2:80 -r 173.194.41.131:80 -m -w 1
-a -t 127.0.0.2:80 -r 173.194.41.132:80 -m -w 1
-a -t 127.0.0.2:80 -r 173.194.41.133:80 -m -w 1
-A -t 172.16.100.128:80 -s wlc
-a -t 172.16.100.128:80 -r 173.194.41.131:80 -m -w 1
-a -t 172.16.100.128:80 -r 173.194.41.132:80 -m -w 1
-a -t 172.16.100.128:80 -r 173.194.41.133:80 -m -w 1
$ for s in 127.0.0.2 127.0.0.1 172.16.100.128 173.194.41.131 173.194.41.132 173.194.41.133; do curl -sf $s >/dev/null; echo $?; done
7
7
0
0
0
0
=> Works for the public IP, not others.
=> Gaaaaaaaaah.
net/netfilter/ipvs/ip_vs_xmit.c:
    if (unlikely(!local && ipv4_is_loopback(ip_hdr(skb)->saddr))) {
        IP_VS_DBG_RL("Stopping traffic from loopback address %pI4 "
                     "to non-local address, dest: %pI4\n",
                     &ip_hdr(skb)->saddr, &daddr);
        ip_rt_put(rt);
        return NULL;
    }
=> Use link-local addresses!
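
The check below is an added example, not part of the original gist: it reads an `ipvsadm -Sn` dump and flags real servers behind a loopback virtual address, the combination the `ip_vs_xmit.c` check above drops for local clients. The function names `lint_ipvs_dump` and `sample_dump` are hypothetical, and any address outside 127.0.0.0/8 is assumed to be non-local.

```shell
#!/bin/sh
# Added example (not from the gist). lint_ipvs_dump and sample_dump are
# hypothetical names.

# Read `ipvsadm -Sn` output on stdin; print "VIP -> REAL" for every real
# server that sits behind a loopback virtual address. Returns 1 if any found.
lint_ipvs_dump() {
    awk '
    # Value following option opt on the current line, or "" if absent.
    function optval(opt,    i) {
        for (i = 1; i < NF; i++)
            if ($i == opt) return $(i + 1)
        return ""
    }
    # Assumption: any address outside 127.0.0.0/8 is treated as non-local.
    function is_loopback(addr) { return addr ~ /^127\./ }
    $1 == "-a" {
        vip = optval("-t")
        if (vip == "") vip = optval("-u")
        real = optval("-r")
        if (vip != "" && real != "" && is_loopback(vip) && !is_loopback(real)) {
            print vip " -> " real
            bad = 1
        }
    }
    END { exit (bad ? 1 : 0) }
    '
}

# Constructed sample in save format, reusing addresses from the notes above.
sample_dump() {
    cat <<'EOF'
-A -t 127.0.0.1:80 -s wlc
-a -t 127.0.0.1:80 -r 173.194.41.131:80 -m -w 1
-A -t 127.0.0.2:80 -s wlc
-a -t 127.0.0.2:80 -r 173.194.41.132:80 -m -w 1
-A -t 172.16.100.128:80 -s wlc
-a -t 172.16.100.128:80 -r 173.194.41.133:80 -m -w 1
-A -t 169.254.254.1:80 -s wlc
-a -t 169.254.254.1:80 -r 173.194.41.131:80 -m -w 1
EOF
}

# Stand-alone run: list the affected pairs, or report a clean table.
if sample_dump | lint_ipvs_dump; then
    echo "no loopback virtual services with non-local real servers"
fi
```

On a live host, feed it the real table with `sudo ipvsadm -Sn | lint_ipvs_dump`.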