[f-nsp] ServerIron sample configs using L3 code
Raja Subramanian
rajasuperman at gmail.com
Thu May 3 15:38:22 EDT 2007
Hi All,
I have a Foundry ServerIron 4G-SSL running L2/L3 firmware ver 10.0.0.
Using L2 code, I've had partial success and managed to load balance
my web servers, but I just can't get it working using the L3 code.
Can anyone please share their configuration files?
I'm trying to setup the following but am facing difficulties:
1. SI in one-arm setup running only simple SLB (no GSLB, etc).
2. Client IP needs to be visible to my apps, so I can't use
source-nat. I can't use DSR either.
3. Return traffic from servers pass through the SI because the
servers use the SI as their gateway.
4. Real servers are in 10.0.10.x/24 network, with gateway set
to the SI (10.0.10.1). VIP is 172.16.10.10 and 172.16.10.13.
5. Real servers need to initiate connections to external networks.
6. When (5) happens, the SI must rewrite SRC address with the bound
VIP.
7. In the same subnet, there are 3 different routers with different
subnets attached, and a separate default gateway. Traffic from
all subnets reaches my VIPs, so ideally I want to run L3 code in
my SI and assign static routes.
Using the L2 code, I've got 1-4 working correctly, but can't get
5,6 working. If I use the L3 code, nothing works.
To get 5,6 working, the Foundry manuals advise the use of the
"server reverse-nat" command. But these manuals are circa 2003,
2005 and my SI running the latest 10.0.0 firmware does not even
support this command. I can't get anything working using the
L3 code, and I'm stuck!
Can someone please throw some light?
Thank you for reading!
- Raja
More information about the foundry-nsp
mailing list