Forum Discussion
AltostratusTurning off SNAT Automap on a UPD VIP and Pool
Hi Guys, I am hoping someone can help me understand something we are attempting to do.
We have a bunch of KIWI Syslog servers we are attempting to load balance behind an F5 VIP. This works great. However, the KIWI servers now see the original senders IP as the F5 sending IP. In order for the back-end Kiwi nodes to see the original devices IP, we tried to turn off the SNAT Automap on the VIP however, when we do that, we do not see any traffic getting to the nodes. Upon reading a little further I see that we have to make the back-end nodes's default gateway an F5 IP.
The question I have is, why do we need to do this? My understanding is, if we don't do this, the response from the back-end nodes will go directly to the original device bypassing the F5, which is probably not a good idea. But in this specific case, we just need to the UDP syslogs to get to the nodes via the F5 (for load balancing) and do not need a response back from the kiwi nodes back to the original device.
My knowledge on routing and network layer is not very deep, could some one please help me understand why this config doesn't work?
Thanks so much!
Suni
Have you tried using a stateless virtual server (as opposed to a standard virtual server) for one-way UDP traffic processing? Article K13675 provides a nice overview of using this feature for syslog server load balancing. There are some limitations to this server type, but I don't think you'll need them.
SuniHi crodriquez,
I just changed my VIP to a stateless VIP and that worked great!! Thanks so much for taking the time to answer this question!
-Suni