Forum Discussion
NimbostratusProblem with servers using F5 as DG
CirrusIf I understand your configuration, it's a rare one; server trying to reach servers on the same network and in the same server pool as the requesting server. The SNAT should work but perhaps you used Auto-SNAT and the source is the same as the VS address (e.g. 10.1.1.1) which could cause the loop you are seeing. Try a SNAT, but use an address other than the VIP. Another alternative is to create a new VS with a VIP on the same network as the server (and pool members) you are trying to access (i.e. 10.2.1.x).
I have no idea what would happen if the requesting server gets itself as the destination in this scenario, seems to me you should put content on another IP address range on the same server or even on another pool of servers and make this a whole lot easier! All this looping back through the LTM can't be more efficient or better performing than just distributing the content to different IP addresses and using internal VIPs instead of pushing everything back through the 10.1.1.x VIP.
Mike_Marvel_629Preaching to the choir on this one Mark... but you know how Devs work. :) I tried SNAT but only tried auto-map. I'll try to SNAT to something else and see how that goes. Thanks.- This is strange. Why would the server connect back to the virtual server that is sending it load-balanced connections? If the resources are on the server itself, is it not more efficient for it to connect to its own loopback address?
- Mark_Harris_608Yes, and to continue to distribute the requests across the same array of servers for dynamic page content the same way the initial connection is distributed, simply running another IP address on the server and adding to a separate pool would resolve the networking loops. Loopback address would concentrate requests for the dynamic content to the same server initially connected to. I assume the developers are trying to create one big cluster so it scales better, more servers, more resources for initial and page-building content. I say go "old school" and run multiple IP addresses on each server.
- except that with HTTP, the clients are usually the ones initiating the connections, not the server. And i doubt this is a database server doing replication -- it would be absurd that a database cluster would be sending outbound connections that get proxied back to it.
- Mark_Harris_608the clients initiate a connection, the server they connect to then becomes the "client" to itself and other servers in the pool that have the page content. It's a two-tiered architecture that many sites use to host dynamic content. In fact, the web server may (and very often does) access a database for content, but databases are traditionally on another tier, this another subnet/VLAN, so the original problem Mike posted here is not an issue. You are correct though that web server-to-web server within a load balanced pool is rare.
