Forum Discussion
Brad_Parker
Mar 09, 2015Cirrus
A possible solution I have got to work is as follows and the server still sees the traffic as originating from the true source IP:
- Create your pools with priority activation.
- Add nodes from both data centers to your pool
- Set the servers in the local data center to priority 10
- Set the servers in the remote data center to priority 1
- Make sure your persistence cookie has the same name in both data centers and is only applied to your virtual server for the application
- Create a SNAT pool in both data centers
- Create a standard virtual server in each DC that has a source of your SNAT pool IPs and 0.0.0.0/0:80 as the destination
- Apply the first iRule to the virtual servers handling incoming traffic for you application and the second iRule to the virtual servers that are listening for traffic form your SNAT pool IPs.
when HTTP_REQUEST {
HTTP::header insert sIP [IP::client_addr]
}
when LB_SELECTED {
if { [LB::server priority] == 1 } {
snatpool interDC
HTTP::header insert dIP [LB::server addr]
} else {
snat none
return
}
}
when HTTP_REQUEST {
if { [HTTP::header exists "sIP"] && [HTTP::header exists "dIP"] } {
persist none
snat [HTTP::header values "sIP"]
node [HTTP::header values "dIP"]
} else {
reject
}
}
This can maintain persistence to the destination server even if a user hops over to your other data center.