CSM in routing mode

massimiliano.serafino · ‎11-09-2009

Hi,

I've a CSM configured in routed mode.

I've also vserver with direct access in order to permit the management of the real servers.

The question is: "Is there a way to block the communications between servers in different serverfarms?".

Thank you.

Best regards.

Massimiliano.

Gilles Dufour · ‎11-09-2009

There is no way to filter traffic.

What you can do is create a vserver to catch the traffic you want to block and send it to a real that does not exist.

Gilles.

massimiliano.serafino · ‎11-09-2009

Hi Gilles.

Thank you..

Can you give me an example in order to implement your solution.

Best regards.

Massimiliano.

Gilles Dufour · ‎11-09-2009

Assuming you have 2 vlans x and y.

Subnet of vlan x is x.x.x.0/24 and subnet of vlan y is y.y.y.0/24

If you want to block traffic from vlan y to vlan x, implement the following vserver.

serverfarm NULL

real x.x.x.252

inservice

vserver Block1

virtual x.x.x.0 /24 any

serverfarm NULL

vlan y

inservice

You have to make sure x.x.x.252 does not exist !!! This whill blackhole the traffic.

Gilles.

massimiliano.serafino · ‎11-09-2009

Hi Gilles,

An upgrade (hardware or software) could help to avoid communications between different servers in differeny server farms.

Thank you.

Best regards.

Massimiliano.