Forum Discussion

mp5_james_36598's avatar
mp5_james_36598
Icon for Nimbostratus rankNimbostratus
Jul 03, 2018

How to load balance receive connectors and preserve source IP address.

I am in need of help load balancing our Exchange receive connectors with our F5 BIG-IP.

 

I want to preserve the source IP address so the receive connectors know who it is coming from.

 

Currently I have the following setup.

 

3 Exchange 2016 servers in a DAG. A SMTP monitor has been created in the F5. A pool of the 3 exchange servers has been created in the F5 with the SMTP Monitor selected. A Virtual server with the pool selected and source address translation set to none.

 

If I telnet to the VIP on port 25 I get nothing. If i change the source address translation on the virtual server to automap i can connect via telnet on port 25. If i understand correctly that will use only the self IP of the F5 and not the source IP address.

 

Any way to acheive this while preserving the source IP?

 

Thank you James

 

2 Replies

  • Hi,

     

    So just to sum up your need:

     

    You want to preserve the source IP address so the receive connectors know who it is coming from.

     

    Of course in this case you have to disable SNAT Automap (In this case source address IP will remains the same, so it will not translante with self IP) but it's means that "receive connectors" will respond directly to client withtout passing by F5. This is commonly known as asymmetric routing. In asymmetric routing, reverse network traffic takes a different path from the original flow. this may create a problem !!!

     

    And of course when you activate SNAT AUTOMAP, "receive connectors" will respond to F5 then F5 respond to client. and in this case it will works.

     

    You have only one alternative to meet your needs. You have to disable snat in order to preserve Source IP but in order to force "receive connectors" respond trough F5 to avoid asymmetric routing you have to configure The "receive connectors" default GW to F5 (Floating IP if is a cluster or Self IP if is standalone).

     

    Hope it's clears. Keep me update if you go ahead and if you need more details.

     

    Regards,

     

  • Maisha's avatar
    Maisha
    Icon for Nimbostratus rankNimbostratus

    Hi  ,

     

    I am having the same issue where my Virtual and Nodes are on two separate networks. When I enabled SNAT, my connection to the Virual server add worked but I also lost my original source Ip of the Client in return response to the Client end. It is showing the original request was made by the self-ip of the Node's VLAn to the actual Node.

     

    You said "you have to configure The "receive connectors" default GW to F5", what did you mean? Can you give an example to solution?

     

    My Client IP = 10.10.100.100

    My External VLAN= selfip 1010.10.10

    My Internal VLAN= selfip 1010.20.10

     

    My Nodes are = 10.10.20.21 & 10.10.20.22 (but their default GW is IP 10.10.20.1 at the L3 Switch, since these nodes and not directlly connected to the F5). Both f5 and Nodes are VM hosts and are connected a L3 switch.