LB Traffic and OAM traffic isolation

Hope i understand it correctly. my opinions: OAM will use host route info. see "ip -f inet route show" tmm has its own routing table. see "tmsh show net route" if tmm route is not available, the traffic processed by tmm will be routed, tmmwill not use host route.

Hi, We have the following route table (there is no static route defined) Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.1.0 0.0.0.0 255.255.255.252 U 0 0 0 HA 192.168.41.0 0.0.0.0 255.255.255.248 U 0 0 0 internal xxx.xxx.xxx.xxx 0.0.0.0 255.255.255.248 U 0 0 0 external xxx.xx.xx.xxx 0.0.0.0 255.255.255.240 U 0 0 0 mgmt xxx.xx.xx.xxx 0.0.0.0 255.255.255.240 U 9 0 0 mgmt 127.1.1.0 0.0.0.0 255.255.255.0 U 0 0 0 tmm0 127.3.0.0 0.0.0.0 255.255.255.0 U 0 0 0 mgmt_bp 127.2.0.0 0.0.0.0 255.255.255.0 U 0 0 0 mgmt.1 127.7.0.0 127.1.1.254 255.255.0.0 UG 0 0 0 tmm0 0.0.0.0 172.17.44.xxx 0.0.0.0 UG 9 0 0 mgmt If there is no route in TMM, traffic is going via mgmt interface. Can we restrict this or is this default behavior?

What type of traffic are you seeing that going via the mgmt interface ?

 

The only processes that can see the management interface are those running in linux (such as the bigd health monitor process, ldapsearch, ntp, or the management GUI). Even for those processes, they will prefer a tmm route before they use the management default route, unless you've also specified a management-route to override that.

 

Load balanced (tmm) traffic can not access the management interface, so you can not have user traffic arriving at a virtual server, and then being load balanced out through the managment interface.