[f-nsp] Serveriron xl - Def GW for real servers?

Michael Bellears MBellears at staff.datafx.com.au
Fri Oct 8 23:40:49 EDT 2004


Thanks for the quick response!

> > We are wanting to use the device for load-balancing multiple client 
> > co-lo servers (All In different subnets)
> >
> 	How many ports? 

Only the 8 port version. :( - but really liking the features so far!!
(Plus SI's are about a 1/4 of the price of comparable devices)

> 	Actually, the XL only needs to have an IP in the 
> subnet, NOT be the gateway. We have the gateway on the device 
> BEFORE the XL, and the server AFTER the XL.
> 
> 	EG:
> 
> 	Fenris.ttsg.com is at a base IP of 216.231.108.205, 
> with a netmask of 255.255.255.224, and a default GW of 
> 216.231.108.222.
> 
> 	The SIXL before it is 
> 
> server source-ip 216.231.108.221 255.255.255.224 0.0.0.0
> 
> 	And the SERVER REAL is at 216.231.108.194, with the 
> SERVER VIRTUAL is actually 216.231.104.29 (Which is part of 
> the base IPs for the SIXL {ip address 216.231.104.1 255.255.255.192})

Ok - from what you have described above(If I'm reading it correctly!),
it appears as though the device in front of the SI(Router?/FW?) Must
have an IP of 216.231.108.222(Web Servers def GW) and also an IP in the
216.231.104.x range (Which would be the SI's def gw?)....i.e. Multiple
subnets on the one device?

The
docco(http://www.foundrynet.com/services/documentation/siug/ServerIron_S
erver_Load_Balancing.html#43893) states you can either have your router
configured with all subnets, or have the SI utilise source IP
addresses+source NAT:

"If you have network topology similar to the example in Figure 6.21, but
you do not want to configure the router with multiple sub-nets, you can
instead enable source NAT and configure a source IP address on the
ServerIron. The source IP address allows the ServerIron to be in
multiple sub-nets, in addition to the sub-net of the ServerIron's
management IP address. Source NAT enables the ServerIron to perform IP
address translation on the source address in packets addressed to the
real servers. When source NAT is enabled, the ServerIron changes the
source address in the IP packets addressed to the real server to the
source IP address configured on the ServerIron. Figure 6.22 shows an
example of the topology shown in Figure 6.21, but in this case the
ServerIron is configured for multiple sub-nets instead of the router."

If I use this scenario (Not have mutliple subnets on the router in front
of the SI), what Def. GW would I be assigning the Real Webservers?(The
source ip defined for that subnet on the SI?) - Or is "best practice" to
have the router in front of the SI multi-homed?

> >
> > If the webservers are not configured with a def gw, how would the 
> > clients "manage" there servers (Eg. Would I have to configure ports 
> > and bindings for each service that needs to be accessed - RDP, FTP, 
> > SSH
> > etc?)
> > 
> 	If they don't have a default gateway, how the HECK do 
> they get anywhere? 

Hehe...precisely...they can't! That's why I'm asking what def gateway to
give the real servers, as my router is not(presently) multi-homed.

Regards,
MB




More information about the foundry-nsp mailing list