Solved: Balancing From Behind CSS

mmedwid · ‎03-27-2008

I have a basic two int configuration CSS with web servers and email behind CSS both of which should be load balanced. So say on the outside there's a VIP smtp and another web. And inside there are servers/services web1 10.10.105, web2 10.10.10.106, mail1 10.10.10.107, mail2 10.10.10.108 and outside content rule

smtp 172.22.1.10 with mail1 and mail2 associated and content rule web 172.22.1.11 with web1 and web2 associated.

Now if mail2 wants to make an http post to web whose vip is on the outside interface - is this possible?

Diego Vargas · ‎03-27-2008

Yes, smtp servers behind the CSS can make request for HTTP servers thru the VIP and viceversa.

You need to consider that since all servers are on the same subnet, the destination server (HTTP server on this case) will not answer thru the CSS but directly to the source server (or HTTP client for this flow) which would cause an asymmetric flow issue.

So you need to have the CSS doing source NATing with the use of a Group and the command "add destination server".

Hope it helps!!

Diego M

View solution in original post

Diego Vargas · ‎03-27-2008

Yes, smtp servers behind the CSS can make request for HTTP servers thru the VIP and viceversa.

You need to consider that since all servers are on the same subnet, the destination server (HTTP server on this case) will not answer thru the CSS but directly to the source server (or HTTP client for this flow) which would cause an asymmetric flow issue.

So you need to have the CSS doing source NATing with the use of a Group and the command "add destination server".

Hope it helps!!

Diego M