06-11-2007 03:31 AM
Hi,
I'm trying to understand group configuration on a CSS, particularly the difference between a service and destination service.
If we take the basic example of a client PC and a CSS load-balancing over 3 web servers, all of them being on the same VLAN (hence the need for NATing to ensure return traffic goes through the CSS):
- Upon reception of a request, the CSS looks for a matching content-rule
- Upon matching of the content-rule, an available service is picked-up (based on load-balancing method) from the pool
At that stage, I can imagine two cases:
1. If the service belongs to an active group as a destination service:
- The packet will be source NATed with the VIP specified in the group
In other words, the client PC never sees web-servers real IPs, it only sees the content-rule VIP, and the web-servers are
seeing all requests coming from the group VIP.
2. If the service belongs to an active group as a service (not destination):
- well what happens ?? I don't see the point.
Thanks and Regards,
Arno
Solved! Go to Solution.
06-11-2007 03:48 AM
the 2nd point is if the server opens a connection to the PC or anywhere else, and you want it's ip to be nated so it appears as coming from the vip.
Gilles.
06-11-2007 03:48 AM
the 2nd point is if the server opens a connection to the PC or anywhere else, and you want it's ip to be nated so it appears as coming from the vip.
Gilles.
06-11-2007 04:00 AM
Merci Gilles,
Ok, I get it know.
So appart from FTP active mode, this quite rare that a server initiate a connection to a client (in terms of client/server paradigm), that's probably why this wasn't obvious to me.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide