Hi I've to ask for the VM routing table and then I will share. VM gateway is load balancer.
Cheers James Il giorno gio 29 lug 2021 alle ore 18:17 Ryan Rawdon <r...@u13.net> ha scritto: > > > On Jul 29, 2021, at 11:55 AM, james list <jameslis...@gmail.com> wrote: > > > > > > Internet - Firewall – Lan - Load balancer – Lan – hypervisor- VM > > > > > > > > It happens sometime that the VM do not respond anymore to Load balancer > for > > external ip addresses until on the Load balancer it is setted to source > NAT > > (SNAT) the internet traffic and then SNAT it’s removed. > > > > Can you share the routing table of the VM in question? Specifically/most > importantly - Is the load balancer being used as the VM’s default gateway, > or does the VM use the firewall as its default gateway? In the latter > case, I would expect the load balancer to SNAT traffic or act as a full > layer 7 proxy where a new TCP connection is established from the load > balancer to the upstream servers. > > With a misconfiguration or misaligned design intention here, I could see > the intended behavior depending on ARP or firewall/connection state > tracking behavior in the devices. > > > > Something like an action that solicit the VM to refresh the arp. > > > > > > > > While health check from Loadbalancer to VM in the same LAN subnet never > > stops to work. > > > > > > > > Does anybody ever encountered the same problem on VM environments ? > > In the absence of evidence otherwise, I suspect your issue is not > VM-specific. Do you have examples of physical hosts in the same LAN that > do not exhibit this problem? If so, has the routing table (default gateway > and possibly other persistent static routes) been compared? > > > > > Any idea ? > > > > > > > > Thanks in advance > > > > James > > _______________________________________________ > > cisco-nsp mailing list cisco-nsp@puck.nether.net > > https://puck.nether.net/mailman/listinfo/cisco-nsp > > archive at http://puck.nether.net/pipermail/cisco-nsp/ > > _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/