Forum Discussion

Don_Givens_2232's avatar
Don_Givens_2232
Icon for Nimbostratus rankNimbostratus
Nov 20, 2008

external IP for member of a pool?

I think I already know the answer to this question but:

 

 

My boss wants me to configure this if possible. We have a virtual server set up to loadbalance to 3 internal webservers. He wants to know if we can add an external IP address (basically our website that exists in a different locale) to the pool and load balance across not only our internal servers but this other location. I'm fairly certain this won't work and I'm also trying to battle the "why would we do this?" as well.

 

 

Any help as to if it will work and if not, why it won't work.

 

 

Thanks!
config
design

2 Replies

Sort By
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Nov 20, 2008
    Hi there,

     

     

    As long as there is a route on the BIG-IP to the external hosts and back, you could load balance to them as pool members. The latency might be higher, but there isn't any technical limitation to doing this. Others here might have more practical reasons on why you might not want to do it.

     

     

    Aaron
  • dennypayne's avatar
    dennypayne
    Icon for Employee rankEmployee
    Nov 20, 2008
    You will have to SNAT if you do this. Since the external host doesn't use LTM as it's default gateway, if you don't SNAT (meaning LTM preserves the client's source IP), the connection will make it to the external server but then be sent directly back to the client. The client will drop the packet because it made a connection to the virtual server, not the external host. By using SNAT you ensure that the external host sends the connection back to LTM before it goes back to the client.

     

     

    The caveat with using SNAT is that you lose visibility to the original client's source IP in your server logs unless you add an X-Forwarded-For header or some other custom method of logging the original client IP. Some people care about this and some don't.

     

     

    Denny