[c-nsp] SLB Question

[Arie Vayner (avayner)]

Hmm... I am writing from (long term) memory here...
I can't test it right now, but what most likely has to be done is to
build 2 different vservers, and use the "vlan <num>" classifier (with a
different vlan ID per vserver).
Both vservers can use the same servergroup...

Saying that, I am quite positive I made it work a couple of years back,
but since then the config was migrated to CSM, so I am not anymore

Arie 

-----Original Message-----
From: Robert Blayzor [mailto:rblayzor at inoc.net] 
Sent: Wednesday, July 11, 2007 19:45 PM
To: Arie Vayner (avayner)
Cc: Paul Stewart; cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] SLB Question

Arie Vayner (avayner) wrote:
> If you really need to be able to provide access to the VIP from the 
> same
> L2 domain where the real servers are located, I would recommend moving

> to dispatched mode.
> Just disable "nat server", and configure the VIP as a loopback 
> interface on the real servers (easily done on any OS). This would 
> allow the servers to use the VIP as a source, so both remote and local

> clients would be able to access the VIP on the SLB instance, but the 
> return traffic would not require a translation back...

That's news to me.  I remember according to the docs even when using
dispatch mode, a layer3 hop is still required.

I've tried endless times to get L2 adjacent hosts to use virtual server
addresses on the same subnet/l2 with no luck.  Even in dispatch mode I
don't think the router will re-write the mac in the packets unless it
traverses a L3 hop.

Correct me if I'm wrong and point me to the documentation that proves
this please.

-Robert