CSM: Bridged mode, client-side MSFC -- require SNAT for server-VIP?

Unanswered Question
Dec 21st, 2005
User Badges:

When a CSM is deployed in a bridged mode configuration with the MSFC located toward the client-side, is source NAT still required for server-side server to VIP communications?

Or does the CSM automatically snoop/intercept the return traffic and direct it through itself?

It is not clear from the CSM 4.2 configuration guide whether or not the CSM will intercept the traffic, or if a nat-pool and SNAT is still required.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Gilles Dufour Thu, 12/22/2005 - 01:16
User Badges:
  • Cisco Employee,

if the traffic crosses the CSM it will be intercepted whatever the mode [briding or routing].

So, if the default gateway of the servers is the MSFC, all traffic sent from server to client via the gateway will go accross the CSM and therefore it will be intercepted.

However, if you want server to server communication through the VIP, you still need source nating as the traffic from server to server in the same subnet will not require the use of the gateway and will therefore still bypass the CSM.



Thanks for rating this answer.


This Discussion