Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

S-Nat for one Arm Mode ace Configuration

Hi All,

I have a doubt regarding the implementation of the Source NAT in case of Load Balancer configured in One Arm Mode.

I have a situation in which the Vlan X is used both as VIP and server network.

The load balancer is:

  • receiving request from a client network,
  • performing source nat using an ip inside the server network,
  • send the request to the real server,
  • receiving back the answer from the real server. No doubt, this is clear.

But, if I am going to setup as default gateway for the server the VIP address, do we still need source nat?

Moreover, when the setup is one arm mode MUST we always use source nat or is there any axception?

Thanks guys for shring here your idea.

Cheers, Fabio.

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

S-Nat for one Arm Mode ace Configuration

Hi Fabio,

In a situation where client and server are in same subnet, it is necessary to have NAT i.e src nat the traffic from LB to real server. The reason is that since client and server are in same subnet server can directly reply to client and hence it would be a problem since client is expecting response from VIP to which it originally sent the request.

Adding VIP as GW won't help either because server will only look up for GW when it has to send traffic to a device which is in a different subnet.

So yes you need NAT in a situation where you have client and server in same subnet.

Regards,

Kanwal

2 REPLIES
Cisco Employee

S-Nat for one Arm Mode ace Configuration

Hi Fabio,

In a situation where client and server are in same subnet, it is necessary to have NAT i.e src nat the traffic from LB to real server. The reason is that since client and server are in same subnet server can directly reply to client and hence it would be a problem since client is expecting response from VIP to which it originally sent the request.

Adding VIP as GW won't help either because server will only look up for GW when it has to send traffic to a device which is in a different subnet.

So yes you need NAT in a situation where you have client and server in same subnet.

Regards,

Kanwal

New Member

S-Nat for one Arm Mode ace Configuration

thanks mate!!

521
Views
0
Helpful
2
Replies
CreatePlease login to create content