03-2005 lb-l: [load balancing] Alteon AD2 SLB + NAT problem

From: Laurent GARNIER <laurent.garnierIZZATcibf.com>
Date: Thu Mar 10 2005 - 06:55:58 EST

Hello,

I have an old unused Alteon AD2 w/ WebOS 8.0.49 installed (yes i know, it's
very very old ;-) ).

I want to load balance income SMTP traffic with a VIP pseudo-public addresse
(10.x.x.x) between 2 or 3 private adressing SMTP server (192.x.x.x).

This works fine.

After this, I add NAT in order to permit my private adressing SMTP server to
access the Internet (192.168.100.1 nated to 10.234.145.13). Direct access to
and from internet work fine on my SMTP server but acces with VIP doesn't
work !

Here is the slb configuration :
----------------------------------------------------------------------------

----
Current Layer 4 settings:
  ON, direct enabled, matrix disabled, grace disabled
  imask 255.255.255.255, pmask 255.255.255.255
  mnet 0.0.0.0, mmask 255.255.255.255
Current health scripts settings:
Current real servers settings:
  1: 192.168.100.1, enabled, name steven2, weight 1, tmout 10, maxcon 200000
    backup none, inter 60, retry 4, restr 1
    remote disabled, proxy enabled, submac disabled
    real ports:
      smtp: vport smtp, group 1
        virtual server:  1, 10.234.145.9,   enabled
Current virtual servers settings:
  1: 212.234.145.9, enabled
    virtual ports:
      smtp: rport smtp, group 1, frags
        real servers:
            1: 192.168.100.1,   weight 1,  enabled, backup none
Current filters:
  5: enabled, invert disabled
    sip 192.168.100.0 255.255.255.0, dip 192.168.100.0 255.255.255.0
    proto any
    action allow
    log disabled, cache enabled
    ack disabled
    option disabled, tos 0 0 0
  8: enabled, invert disabled
    sip any, dip 10.234.145.9 255.255.255.255
    proto tcp, sport any, dport smtp
    action allow
    log disabled, cache enabled
    ack disabled
    option disabled, tos 0 0 0
    tcp no flags enabled
 10: enabled, invert disabled
    sip 192.168.100.1 255.255.255.255, dip 10.234.145.13 255.255.255.255
    proto any
    action nat, nat source
    log disabled, cache enabled, proxy disabled, tmout 4
    ack disabled
    option disabled, tos 0 0 0
 11: enabled, invert disabled
    sip 192.168.100.1 255.255.255.255, dip 10.234.145.13 255.255.255.255
    proto any
    action nat, nat dest
    log disabled, cache enabled, proxy disabled, tmout 4
    ack disabled
    option disabled, tos 0 0 0
Current port settings:
  1: client disabled, server disabled, hotstan disabled, intersw disabled
     proxy disabled, 0.0.0.0
     filt  enabled, filters: 5 10
  2: client disabled, server  enabled, hotstan disabled, intersw disabled
     proxy disabled, 0.0.0.0
     filt disabled, filters: empty
  3: client disabled, server  enabled, hotstan disabled, intersw disabled
     proxy disabled, 0.0.0.0
     filt disabled, filters: empty
  4: client disabled, server disabled, hotstan disabled, intersw disabled
     proxy disabled, 0.0.0.0
     filt  enabled, filters: 8 11
  5: client disabled, server disabled, hotstan disabled, intersw disabled
     proxy disabled, 0.0.0.0
     filt disabled, filters: empty
  6: client disabled, server disabled, hotstan disabled, intersw disabled
     proxy disabled, 0.0.0.0
     filt disabled, filters: empty
  7: client disabled, server disabled, hotstan disabled, intersw disabled
     proxy disabled, 0.0.0.0
     filt disabled, filters: empty
  8: client disabled, server disabled, hotstan disabled, intersw disabled
     proxy disabled, 0.0.0.0
     filt disabled, filters: empty
Current Global SLB settings:
  OFF, dns enabled, ttl 60, local disabled, one disabled, alway disabled
  http enabled, usern disabled, mincon 1024, inter 1, weight 1, geo enabled
Current remote site settings:
Current Lookup settings:
  lookups disabled, dname none
Current internet network preference settings:
Current sync settings:
  filt enabled, ports enabled, prios enabled, pips disabled
Current peer switch settings:
----------------------------------------------------------------------------
----
Is this due to a limitation of the old WebOs used or a configuration mistake
?
--
Laurent GARNIER
Ingenieur reseaux et securite
Groupe CIBF - Safety Host - Alfa.nwt
Tel : +33 (0)2 51 84 90 40
____________________
The Load Balancing Mailing List
Unsubscribe:    mailto:majordomo@vegan.net?body=unsubscribe%20lb-l
Archive:        http://vegan.net/lb/archive
LBDigest:       http://lbdigest.com
MRTG with SLB:  http://vegan.net/MRTG
Hosted by:	http://www.tokkisystems.com

Received on Thu Mar 10 08:01:11 2005

This archive was generated by hypermail 2.1.8 : Thu Mar 10 2005 - 08:26:06 EST