Forum Discussion

nastymatt_11986's avatar
nastymatt_11986
Icon for Nimbostratus rankNimbostratus
Feb 28, 2013

Ip Forwarding

i.e. SNAT, or is simply the configuration of the pool? I have a feeling the client ip address is not getting forwarded (traffic coming from a cache - that ip address is showing in logs)

 

4 Replies

  • ok.. i dont think I quite explained myself properly. What I have is a varnish edge cache that is sending traffic to the f5, the pool on the f5 has 3 servers in it - but the f5 is sending all traffic to one server in the pool.

     

     

    The settings on the varnish edge cache are set to HTTP::header insert X-Forwarded-For [IP::remote_addr], so X-Forwarded-For should be sending the client ip but I am sure the pool is not configured correctly and is still reading the client IP as the varnish server so not doing round robin.

     

     

    So my question is, what are the settings required on a pool to read X-Forwarded-For to load balance by seeing the client ip?
  • OK, what persistence are you using? Either way, you'll need an iRule I think to read the header and persist based on what it contains.
  • can you try universal or carp persistence?

    sol7392: Overview of universal persistence

    http://support.f5.com/kb/en-us/solutions/public/7000/300/sol7392.html

    sol11362: Overview of the CARP hash algorithm

    http://support.f5.com/kb/en-us/solutions/public/11000/300/sol11362.html

    e.g.

    [root@ve10:Active] config  b rule myrule list
    rule myrule {
       when HTTP_REQUEST {
      if { [HTTP::header exists "X-Forwarded-For"] } {
        persist uie [HTTP::header "X-Forwarded-For"]
      }
    }
    }
    

    by the way, shouldn't we persist on destination/server ip instead of source/client ip?
  • geniuses.. if that is a word... I had source address persistence on.. so by turning that off I am getting load balanced... now to the X-forward-For suggestion.

     

     

    Cheers guys