Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1189
Views
0
Helpful
2
Replies

S-Nat for one Arm Mode ace Configuration

Go to solution
fabio.marino
Level 1
Level 1

‎09-02-2013 12:28 AM

Hi All,

I have a doubt regarding the implementation of the Source NAT in case of Load Balancer configured in One Arm Mode.

I have a situation in which the Vlan X is used both as VIP and server network.

The load balancer is:

  • receiving request from a client network,
  • performing source nat using an ip inside the server network,
  • send the request to the real server,
  • receiving back the answer from the real server. No doubt, this is clear.

But, if I am going to setup as default gateway for the server the VIP address, do we still need source nat?

Moreover, when the setup is one arm mode MUST we always use source nat or is there any axception?

Thanks guys for shring here your idea.

Cheers, Fabio.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Kanwaljeet Singh
Cisco Employee
Cisco Employee

‎09-09-2013 08:30 PM

Hi Fabio,

In a situation where client and server are in same subnet, it is necessary to have NAT i.e src nat the traffic from LB to real server. The reason is that since client and server are in same subnet server can directly reply to client and hence it would be a problem since client is expecting response from VIP to which it originally sent the request.

Adding VIP as GW won't help either because server will only look up for GW when it has to send traffic to a device which is in a different subnet.

So yes you need NAT in a situation where you have client and server in same subnet.

Regards,

Kanwal

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Kanwaljeet Singh
Cisco Employee
Cisco Employee

‎09-09-2013 08:30 PM

Hi Fabio,

In a situation where client and server are in same subnet, it is necessary to have NAT i.e src nat the traffic from LB to real server. The reason is that since client and server are in same subnet server can directly reply to client and hence it would be a problem since client is expecting response from VIP to which it originally sent the request.

Adding VIP as GW won't help either because server will only look up for GW when it has to send traffic to a device which is in a different subnet.

So yes you need NAT in a situation where you have client and server in same subnet.

Regards,

Kanwal

0 Helpful

Go to solution
fabio.marino
Level 1
Level 1
In response to Kanwaljeet Singh

‎09-13-2013 11:55 PM

thanks mate!!

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card

Top