Application Delivery (ADX)

Reply
N/A
chris.rowan
Posts: 1
Registered: ‎01-13-2012

dsr and snat in one-armed config

Hi,

I have a customer with a one armed ms lync configuration. As the majority of their VIPS and Real servers belong to the same subnets, and the gateway on the servers is the local firewall/router, each real server will need SNAT configured to ensure the traffic returns through the ADX.

However, as this is MS Lync, there will be certain ports on certain VIPS delivering audio/video content which will need to bypass the adx to ensure fast response delivery to the client.

I cannot provide the exact configuration, however as a rule will the below configuration have the required results (where x and y are port numbers):

server virtual VS1 10.10.10.1
port x dsr
port y
bind x RS1 x RS2 x
bind y RS1 y RS2 y

server real RS1 10.10.10.2
source-nat
port x
port y

server real RS2 10.10.10.3
source-nat
port x
port y

So desired result is that:

port x traffic will return directly to client using dsr

port y traffic will return through the adx using snat

I am concerned, that with the required SNAT configuration, that the dsr will not function (i.e. the client source IP will be translated and therefore the destination of the return packet from the real server will be the ADX, even though dsr is enabled). OR...does dsr supercede the source-nat? In case it makes a difference they are running version 12.4 of router code (required as they have both external subnets and internal subnets configured for VIPS).

Any help is much appreciated...

Kind Regards,

Chris

Contributor
msahni
Posts: 45
Registered: ‎08-18-2011

Re: dsr and snat in one-armed config

Hi Chris,

Can you please let me know which patch of 12.4 is your customer using ?

Regards,

mohit

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.