Load balanced Telnet Servers - Pass through original IP or hostname?

Can you clarify if your backend servers are on an "internal" vlan; one that must pass through the Layer7 always?

 

(Because you are using SNAT it would seem possibly that you aren't but I wanted to check).

 

 

The trouble here is Layer7 sending a frame with an IP of the client on the header will cause the TCP stack on the server to try and respond to that ClientIP directly, bupassing the Layer7; The SNAT is a method to force the traffic to go back to the Layer7 -which re-writes the frame and TCP SYN number - beore sending the frame back to your client.

 

 

One way to make your servers accept the ClientIP and respond without trouble is the "spoke" network setup: You setup a subnet that your servers have an IP in and the Layer7 has an IP in. Servers are configured to use the Layer7s IP in that subnet as the default gateway so all traffic flows from the Layer7 to the server and back again regardless of the source IP; you get to keep your load balancing AND pass the client IP without breaking TCP.

 

 

hope this helps.