[f-nsp] [ServerIronXL] accessing VIP from real server
Tom Samplonius
tom at uniserve.com
Mon Jan 22 15:08:25 EST 2007
Yes, generally you can't do that, because the reply from one real server to
another is probably not going through the SIXL, so it is never re-written. And
if you are DSR, it never possible, even if it was, as the VIP IP is bound to
each real server. If you are not using DSR, and you directly attach each server
to the SIXL, it should work.
However, for e-mail what you can do, is setup an VIP just for internal use,
and source NAT that. And configure your SMTP server to use the internal VIP, if
they need to get to another server.
Tom
On Mon, 22 Jan 2007, news.gmane.org wrote:
> Hello
>
> I am having an issue with a load balancer config whereby the real
> servers (smtp servers) cannot access the VIP that they are part of.
>
> The servers are able to ping the VIP but any connections to port 25 are
> timed out.
>
> The load balancer is running ip forwarding, with the VIP range and real
> server range on the same VE.
>
> Enabling "server source-nat" resolves this , but makes all the
> connections on the servers appear to come from the load balancer alone.
>
> I need the real servers to be able to contact the VIP without
> translation taking place.
>
> Does anyone know a solution to this problem ?
>
> Thanks
> Matthew Kirkland
> Claranet Network Engineering
>
> _______________________________________________
> foundry-nsp mailing list
> foundry-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/foundry-nsp
>
More information about the foundry-nsp
mailing list