cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
701
Views
0
Helpful
1
Replies

Source NAT on One Arm Config ACE

Bilal Nawaz
VIP Alumni
VIP Alumni

Hello,

In a one arm load-balancing configuration setup is it necessary to use source nat? or does the LB know what NAT needs to take place? It has knowledge that its in a one arm config as seen below (from the gui of the ACE)

Screen Shot 2012-12-26 at 21.04.25.png

Take an example for instance client is 172.25.25.40 the gateway is 172.25.25.1

The VIP on the LB is 172.25.24.123 and the client contacts the VIP.

Logically looks like this....

Screen Shot 2012-12-26 at 20.55.46.png

We're not using ipv6 however the highlight is shown below where reference to source NAT on the LB

Screen Shot 2012-12-26 at 21.01.15.png

Thank you

Bilal

Please rate useful posts & remember to mark any solved questions as answered. Thank you.
1 Reply 1

The NAT that is occuring is a destination NAT you could say.  When a request is made from an Outside Global address to a Inside Global address the ACE will take that Inside Global address and NAT it to an Inside Local address, say an internal servers IP address.  I believe the ACE also acts as a Reverse Proxy for external requests, meaning the ACE contacts the load balanced servers on behalf of the client.  That way external requests are not actually touching your servers.

Review Cisco Networking for a $25 gift card