Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
364
Views
0
Helpful
3
Replies

Web page not appearing after No Natting process

emmanuel
Level 1
Level 1

‎01-14-2009 07:19 AM

Hi

I managed to resolve previous post regarding server unreachable, however the problem now is that:

When client nat is in place on serverfarm (nat client NATLIST, the web server pages are displayed.

When client natting is performed (no nat client), then even though the connection seems to appear (using command sh mod csm vserver conns), the web page itself does not display.

Has anyone else encountered the same problem..?

Any help is greatly appreciated.

Regards

Labels:
0 Helpful
3 Replies 3

Diego Vargas
Cisco Employee
Cisco Employee

‎01-14-2009 04:02 PM

Emmanuel, this sounds like an asymmetric flow. When source NATing is needed is because the traffic flow is not going back thru the load balancer.

Remember that the CSM needs to see the traffic on the way in and the way out, this is because otherwise the client would be sending a SYN to the VIP and getting a SYN/ACK from the "real" IP.

If your server is not pointing to the CSM as its default gateway then the client's request reach the CSM, gets balanced and the server will use its default gateway (not the CSM) to route the answer which will bypass the CSM, this then again, will cause an asymmetric flow

On a load balanced scenario typically one of 2 things needs to be done

1. The CSM is the gateway of the server

2. NAT client needs to be done so that the server answer is destined to the VIP (on the CSM).

The election depends on the design and the traffic flow.

Diego M

0 Helpful

emmanuel
Level 1
Level 1
In response to Diego Vargas

‎01-15-2009 04:51 AM

Diego, you are right, however the problem I have is that if I make the CSM as the default route, then I loose connection to the server, as there is another switch in between.

NAT client is not an option as we dont want to nat clients.

Regards

0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to emmanuel

‎01-15-2009 06:20 AM

Emmanuel,

this is a routing issue due to the way you have designed your datacenter.

There are only a few solutions possible :

1/ - perform client nat which guarantees that the server response goes back to CSM

2/ - Create static routes to force all traffic back to CSM

3/ - configure policy-based routing to force selected traffic to go back to CSM

4/ - Move servers behind the CSM.

Gilles.

0 Helpful
Customers Also Viewed These Support Documents