[c-nsp] SLB Question

Robert Blayzor rblayzor at inoc.net
Wed Jul 11 11:38:08 EDT 2007


Paul Stewart wrote:
> My last question would then be if we ran NAT with SLB then the servers
> having to cross layer3 comes out of the equation correct... because with
> NAT, there would be a translation happening which would handle the actual
> SLB portion?

I personally have not found NAT based SLB to be very useful, so I've 
steered away from it.  I've always found it easier to use dispatch mode, 
but your real servers must then know about the virtual server IP 
address.  (easy to do with Unix with alias to the loopback adapter)  You 
can also do loopback adapter on MS, but I find MS doesn't really like to 
deal with /32 subnet masks, so things could be a little more difficult 
to set up.

Anything L2 adjacent can still talk to the servers, just not on the 
virtual IP address.  They can talk to the real address.  But I guess 
that doesn't help you.  I find the only time you want to use NAT is if 
the real servers can't know or don't want to know anything about the 
virtual server IP address.  This can be particularly confusing for 
things like mail servers because you have to deal with mapping MX 
records to the right IP address for both internal and external hosts, 
etc.  It just seems messy to me.  Of course I'm sure NAT has its uses...

-Robert
