Solved: Direct Server Return Questions

jfoerster · ‎06-10-2005

Hi,

I've some questions in regards of Direct Server Return.

1) Is Dorect server Reutrn supported on the CSS. I've not found any inforamtion sin regards of this so far.

2) In case on configures direct server return on a CSM is ther an IP-Tunnel between the CSM the Server (tunneling the original packet) or it is necessary that the server is directly/Layer2 attached to the CSM.

3) If DSR is possible on the CSS how about question 2 on the CSS?

TIA

Kind regards,

Joerg

Gilles Dufour · ‎06-10-2005

Joerg,

1/ DSR is not supported on the CSS.

2/ No ip tunnel. The CSM will forward traffic to servers by changing only destination mac address.

Gilles.

View solution in original post

Gilles Dufour · ‎06-10-2005

Joerg,

1/ DSR is not supported on the CSS.

2/ No ip tunnel. The CSM will forward traffic to servers by changing only destination mac address.

Gilles.

jfoerster · ‎06-10-2005

HI Gilles,

thanks for the real quick response.

In other words if my CSM resides in a DMZ and my servers in an other DMZ I'm not able to use this feature and have to use header rules to have the original IP-Address available at server side (logging prupose).

Do you think a logging of sessions would be possible on a CSM/CSS in a one-armed environment for having a reporting on the original source-ip-addresses?

TIA

Joerg

Gilles Dufour · ‎06-10-2005

Joerg,

we discussed this option a few time, but we don't want to use the CSS/CSM to log ip traffic to avoid impacting the performance.

Regards,

Gilles.