I'm trying to understand group configuration on a CSS, particularly the difference between a service and destination service.
If we take the basic example of a client PC and a CSS load-balancing over 3 web servers, all of them being on the same VLAN (hence the need for NATing to ensure return traffic goes through the CSS):
- Upon reception of a request, the CSS looks for a matching content-rule
- Upon matching of the content-rule, an available service is picked-up (based on load-balancing method) from the pool
At that stage, I can imagine two cases:
1. If the service belongs to an active group as a destination service:
- The packet will be source NATed with the VIP specified in the group
In other words, the client PC never sees web-servers real IPs, it only sees the content-rule VIP, and the web-servers are
seeing all requests coming from the group VIP.
2. If the service belongs to an active group as a service (not destination):
- well what happens ?? I don't see the point.
Thanks and Regards,
the 2nd point is if the server opens a connection to the PC or anywhere else, and you want it's ip to be nated so it appears as coming from the vip.