Forum Discussion
PPTP link load balancing with link controller
Hi guys,
I am trying to load balance PPTP access to a PPTP server through two different links with a link controller. As the PPTP client starts a connection through a tcp connection to any of the two VS published in the internet, and the PPTP server opens an egress GRE tunnel to it through a 0.0.0.0:* VS in the internal VLAN, I think that I require an i-rlue just to set a cross service persistance, in a way that one the VS gets the incoming connection, the egress GRE tunnel has to use the same link and NAT with the associated internet VS to keep the connection consistent. This are the i-rules:
i-rule of the two internet VS, writing a record in the persistence table with the client IP address and the internet VS IP address
when CLIENT_ACCEPT{
session add source_addr [IP::remote_addr] [IP::local_addr]
}
i-rule of the 0.0.0.0.0:* internal VS managing the outgoing GRE tunnels:
when CLIENT_ACCEPT {
if IP::protocol equals 53 {
set destination session lookup [IP::server_addr]
pool "router of the VS"
snat destination
}
What do you think about this solution?
TX!
AC
hooleylistCirrostratus
Hi Antonio,
That sounds plausible. Can you try something like this?when CLIENT_ACCEPTED { Add a session table entry with the client and destination IP addresses for 300 seconds session add uie [IP::remote_addr] [IP::local_addr] 300 }
i-rule of the 0.0.0.0.0:* internal VS managing the outgoing GRE tunnels:when CLIENT_ACCEPTED { if { [TCP::local_port] == 53 }{ set dest [session lookup uie [IP::local_addr]] if {$dest ne "" }{ snat $dest} } }
Aaron- Thanks Aaron,
I will try it on site. The only doubt I have is if LC will allow to use universal persistence? (so to use uie)?
AC
- Done!
The only remaining problem is that sessions are updated in the persistence table, but as there is no way to create a universal type profile, there is now way to check current connections in the statistics GUI... a pity, as in fact there is use only of L3 info...
