04-18-2005 11:19 AM
What design/configuration considerations must be made to order to use the CSS in the "one armed" mode?
04-19-2005 01:32 AM
keep in mind the CSS needs to see both side of the traffic.
That is client to server but also server to client.
The client to server traffic will always come to the CSS since the client is talking to the vip that is on the CSS.
However, the server is not aware that there is a CSS and may send responses back to client directly which will break the process.
The solution is to
1. set the CSS as default gateway for the server
2. use policy routing to forward server traffic to css
3. use client nat on CSS
If you use the 3rd option, your server will not see the client ip address. All traffic will come from the CSS ip - so problem if you do statistics based on client ip.
In general it is not a good idea to use one-armed.
Too much trouble with the return traffic and most of time not so good performance compare to other solutions.
Gilles.
04-19-2005 09:02 AM
Gilles, thanks. Where can I find design/configuration data?
04-20-2005 12:56 AM
You can find a lot of config example on this website.
However, most of the time the examples are for very specific and complex scenarii.
If you need generic information, you will have to read the release-notes and the configuration guide.
Search for 'css basic configuration guide'.
Gilles.
- please take a moment to rate my answers.
10-04-2006 11:44 AM
wrong forum....
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide