Forum Discussion
satish_81675
Nimbostratus
NimbostratusLoadbalance the loadblanced traffic with in the same Pool member range!
for example we have an vip range. 10.10.10.x and pool range 10.10.11.x with two vips and have two pools one for each pool and each pool with two nodes. No snating. and we are facing issues...
th...
Jason_40733
Cirrocumulus
CirrocumulusNot clear what issues you are having. We do have a two stage application with MS Single Sign On using our F5's to load balance. We use SNAT on both VIPs.
Setup: Proxy VIP facing the internet. It SNATs to two proxy servers. The proxy servers refer to a Federated server VIP. That Federated VIP then SNATs to two Federated servers. The reply flows back with a SNAT at each level and back to the original client. Our Proxy and Federated servers are in the same subnet.
Internet -> "Proxy VIP" ->(SNAT) "PROXY server" -> "Federated VIP" -> (SNAT) "Federated server"
It has been running and stable for us for over a year with a couple thousand users and about 8 external partner applications.
satish_81675thank you for the reply, we dont snat the Trafic in the DMZ and wanted to see if that is the only other way.- Jason_40733So if I have this correctly... both of your VIPs are on 10.10.10.x and all four of your pool members are on 10.10.11.x. If you have a loopback IP address of your VIP2 on your Pool2 members. They should respond to the Pool1 members directly with the IP of VIP2. You would probably also want a loopback address of your VIP1 on your Pool1 members. Not sure if that would work for you or not, but it might be worth a try.
- satish_81675also the f5 is the default gateway for all the pool members, how to setup the loopback IP address, .....sorry can you pelase explain...
- Jason_40733Setting the loopback address up will depend on your individual OS and version. You'd need to check Google or with the sysadmin on that.
