[load balancing] Preserving client source IP address -CSS vers5

From: Heath Dickinson (hdnIZZATgoldmedal.co.uk)
Date: Tue May 06 2003 - 12:01:05 EDT

Next message: ginozar: "Re: [load balancing] Alteon AD3 and DNS Caching"

Previous message: Jose Vitor Barreiro: "[load balancing] White paper about DNS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi Guys

I know this ones gone before but I cant seem to find the explanation I need
in any thread or in any of Ciscos documentation.

I have a CSS running v5 located in a DMZ using a local IP for the VIP that
points to a web farm of services which all with local IPs. I use L5 rules
as we balance based on strings in the header pathsin order to direct
different areas of the website to specific servers.
The VIP is publically accesible by using a NAT to a public IP at the
firewall. I have a source group configured for the target servers bound to
the VIP address.
My problem is that the backend connections always use the VIP address as
source IP rather than the real IP. This poses a problem as I need to see the
real source IPs for a number of business and technical reasons.
I understand the delayed binding concept, but I wonder if this binding can
be acheived by mapping source ports rather than source IP addresses to
maintain the connection states?
Some Cisco resources indicate this can be achieved by using dispatch mode
as opposed to NAT or directed mode. It indicates that Virtual MACs are used
in substitution for IP addresses. Unfortunately it doesnt tell you how.

Any help or suggestions will be appreciated.

Heath Dickinson CCNA MCP
IT Comms Administrator
Goldmedal Travel Group PLC
Tel: 01772 835106
Email: hdnIZZATgoldmedal.co.uk

************************************************************************************
Gold Medal Travel E Mail disclaimer

This e-mail contains proprietary information some or all of which may be
legally privileged. It is for the intended recipient only. If an
addressing or transmission error has misdirected this e-mail, please notify
the author by replying to this e-mail. If you are not the intended
recipient you must not use, disclose, distribute, copy, print or rely on
this e-mail.
************************************************************************************

____________________
The Load Balancing Mailing List
Unsubscribe: mailto:majordomoIZZATvegan.net?body=unsubscribe%20lb-l
Archive: http://vegan.net/lb/archive
LBDigest: http://lbdigest.com
MRTG with SLB: http://vegan.net/MRTG
Hosted by: http://www.tokkisystems.com

Next message: ginozar: "Re: [load balancing] Alteon AD3 and DNS Caching"
Previous message: Jose Vitor Barreiro: "[load balancing] White paper about DNS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue May 06 2003 - 12:15:30 EDT