Forum Discussion
Piotr_Lewandows
Altostratus
AltostratusLocal Traffic Policy and forward to virtual not working
Hi,
Maybe not "not working at all" but for some reasons for some configs not :-(
I tried setup like that:
VS1 - Standard, wildcard with pool containing default gateway IP (not really ...
dragonflymr
Cirrostratus
CirrostratusHi,
Switched to 12.0.0HF3. Unfortunately it seems not to be working.
I am using virtual "name of virtual server" "IP of target server" "Port of target server" This is set in HTTP_REQUEST event.
Targeted virtual is ForwardIP type
Source virtual is Standard with explicit proxy HTTP profile attached. SNAT is set to external VLAN IP, Address/Port translation enabled.
Result is:
- If I am using snat none before virtual command traffic is reaching ForwardingIP VS with actual client IP. Target server IP is however still one of Standard explicit proxy IP: CLIENT_ACCEPTED; allow_all_interent_vs; Clientside; Conn: 10.24.17.120 to 10.24.17.15: 10.24.17.120 is client IP 10.24.17.15 is standard VS (source of VIP to VIP communication)
- If snat none is no used in iRule then traffic is indeed arriving at ForwardIP VS with snated client IP. CLIENT_ACCEPTED; allow_all_interent_vs; Clientside; Conn: 192.168.75.243 to 10.24.17.15 but still with the same target IP
So in both cases IP:port specified via virtual command is ignored.
What could be the reason? Should I place virtual command in other event? Should I use LB::reselect or LB::detach, or both - if so LB::detach first then LB::reselect?
On Standard VS (source VIP) I have such entries in log:
CLIENT_ACCEPTED; explicit_intercept_http_no_apm_vs; Clientside; Conn: 10.24.17.120:49294 to 10.24.17.15:5151. Src VS (from shared): No source VS
HTTP_PROXY_REQUEST; explicit_intercept_http_no_apm_vs; Clientside; AFTER calling resolv_fqdn_2 proc; Method: GET; URI: http://portquiz.net/; For target FQDN: portquiz.net; Target server: 178.33.250.62:80
HTTP_PROXY_REQUEST; explicit_intercept_http_no_apm_vs; Clientside; Conn: 10.24.17.120:49294 to 10.24.17.15:5151. URI: http://portquiz.net/; No PROXY URI: /
HTTP_REQUEST; explicit_intercept_http_no_apm_vs; Clientside; Conn: 10.24.17.120:49294 to 10.24.17.15:5151. URI: /; No PROXY URI: /
HTTP_REQUEST; explicit_intercept_http_no_apm_vs; Clientside; LB server SELECTED: "178.33.250.62 80", LB server addr: "178.33.250.62:80"
HTTP_REQUEST; explicit_intercept_http_no_apm_vs; Clientside; After virtual (via virtual command) set (/Common/allow_all_interent_vs) for target server (178.33.250.62:80): nexthop = unknown; unknown; ff:ff:ff:ff:ff:ff
LB_SELECTED; explicit_intercept_http_no_apm_vs; Clientside; LB server SELECTED: "0.0.0.0 0", LB server addr: "0.0.0.0"
LB_FAILED; explicit_intercept_http_no_apm_vs; Clientside; LB FAILED for VS (/Common/allow_all_interent_vs): "0.0.0.0 0", LB server addr: "0.0.0.0"
Piotr