CSS 11500 Source groups add destination.

Unanswered Question
Apr 26th, 2007
User Badges:

Hi,

Can somebody explain to me the function of source groups and the add destination service? And example would be good. As i understand source groups are used when a server behind the content switch initiates a flow. The source address is replaced by the vip specified in the group. I would like to know what the add destination does? Change the destination address?

Kind regards,


Frederik De Muyter.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Gilles Dufour Thu, 04/26/2007 - 03:48
User Badges:
  • Cisco Employee,

Frederik,


the source group always nats the source ip address.

However, there is 2 scenarii possible.


1/ the server opens the connection.

In this case you need 'add service ...'


2/ a connection is open to the server.

In this case you need 'add destination service'.

When do we need this 2nd option ?

When for example you want to guarantee that the response from the server goes back through the CSS and not directly to the client.

In this case, you need the client ip when forwarding the traffic to the server.


Gilles.

naive.naive Wed, 01/09/2008 - 04:54
User Badges:

hi giles,


need your expertise explanation..


i'm opting for option 1, but do i need to create a new service (meaning any connection from the server will be allowed) like below ?


service server1

ip add 10.1.1.1

protocol tcp


or i can add the existing service configured, which only restrict to http only?


service server1_80

ip add 10.1.1.1

protocol tcp

port 80


thanks in advance..

Gilles Dufour Thu, 01/10/2008 - 04:59
User Badges:
  • Cisco Employee,

you can use the existing service.

The group will only look at the ip address anyway.


Gilles.

Actions

This Discussion