For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Brett_Williams's avatar
Brett_Williams
Icon for Nimbostratus rankNimbostratus
May 09, 2020

Communication from one pool member to another

So, in normal circumstances, I wouldn't want my pool members communicating with each other. However, I am trying to load balance syslog. Yes, I know this sounds crazy. But bear with me.   I su...
application delivery
BIG-IP
LTM
Brett_Williams's avatar
Brett_Williams
Icon for Nimbostratus rankNimbostratus
May 13, 2020

Not a concern. Syslog is a stateless "fire and forget" protocol for the most part.

 

I drew up a diagram in LucidChart. Attaching.

 

Virtual server is UDP stateless. Load balancer is green. Ingress/virtual server side is on the left, and egress/node side is on the right.

 

Pool members run on the same port as the virtual server, so there is no port or address translation happening, except for routing packets to a pool member. No SNAT, no AutoMap.

 

Syslog packets coming from devices on the network are spread relatively equally across my pool members. This is working as expected and designed.

 

I also generate syslog packets from the pool members, pointed back at the virtual server. So, like a loopback, except pointed at the virtual server. These syslog-generating scripts run on both servers. And it touches every mode of transport I have ingress to the servers to serve as an advanced health monitor for our own purposes. So, on pool member 1, if I point to localhost:30514, I see all the packets, because they never leave the network stack of the pool member. However, if I point to virtual_server:30514, I see only about half the packets. The other half of the packets, which should be arriving on pool member 2, do not arrive on pool member 2.