CSM with PBR direct connection issue

Unanswered Question
Feb 19th, 2007

Hi,

We have a CSM set up in a one-armed configuration using PBR to ensure src port 80 traffic from back-end servers goes back to the CSM.

I was just wondering if there's any possible way that we can allow a direct connection to port 80 on the back-end servers (from other servers not on the same VLAN) and still have the reply traffic end up at the right place, even though it will be affected by PBR.

Cheers.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Gilles Dufour Tue, 02/20/2007 - 11:21

PBR will forward the traffic to the CSM which by default does not like half-opened connection.

There is a variable called ROUTE_UNKNOWN_FLOW_PKTS that allows such kind of traffic to be routed.

Set this var to 1 or 2 and it should allow the traffic to be routed.

Gilles.

Actions

This Discussion