[f-nsp] SLB ServerIron XL Question
David J. Hughes
bambi at Hughes.com.au
Thu Oct 14 09:54:55 EDT 2004
Hi.
You don't always have to use source-nat just because the
real server is remote. You only need to do that if the
default traffic path from the remote server back to the
client does not pass through the serveriron. Source
natting just ensures that the return traffic from the
real server will pass back via the serveriron (where
it's un-natted - if there is such a word :)
If you can default route from the real server to the
serveriron via the intermediate router, or use PBR
or similar on the intermediate router, then you can
use remote server configuration and still allow the
client's IP address to be presented to the real server.
David
...
On 14/10/2004, at 11:44 PM, John Willingham wrote:
> Greetings,
>
> I am new to this list and have a few questions regarding
> foundry's ServerIronXL , specifically dealing with the SLB portion
> with regards to source-nat and remote servers. Basically the question
> is and I am already certain I have the answer, but am looking for
> confirmation from outside sources: "In a remote server environment
> (non-local to the SLB) with source-nat enabled, the requests and log
> entries are from the SLB, not the clients, in this setup is it
> possible to pass the client address to the servers NOT local to the
> SLB, and continue to work in a remote configuration.
More information about the foundry-nsp
mailing list