subject:"Re\: \[Zenloadbalancer\-support\] Question about configuration"

Re: [Zenloadbalancer-support] Question about configuration

2016-10-17 Thread Emilio Campos

Dear Winston, in case you require to know the client IP from Backends you
require to work with DNAT (L4xNAT profile) for l4xnat with DNAT two network
interfaces is mandatory (one for VIP and another one for connecting to
backends), additionally the load balancer must be the gw for backends. as
is shown in the official documentation:

https://www.zenloadbalancer.com/knowledge-base/enterprise-edition-v4-1-administration-guide/enterprise-edition-v4-1-l4xnat-profile-farms/

For SNAT two network interfaces are not mandatory, but yes for DNAT.

There are list members that are working with DNAT, maybe they could give
some of support in order to make this work.

For further information please let us know.

2016-10-14 18:41 GMT+02:00 Winston G. :

> Good day Emilio,
>
> Thanks for your answer. Look, i have a 2 servers and the balancer in the
> same LAN. If i configure the farm with L4xNAT and Snat, i can see the
> balacer working but in the servers i cann see the balancer ip, i need to
> see the client ip. But if i change to Dnat, i cannot see any of traffic in
> the servers (backends).
>
> With a tcpdump in the balancer, i can see:
>
> 12:28:34.690771 IP X.X.X.108.51131 > Y.Y.Y.60.http-alt: Flags [S], seq
> 2834989906, win 8192, options [mss 1428,nop,wscale 8,nop,nop,sackOK],
> length 0
> 12:28:34.690802 IP X.X.X.108.51131 > Y.Y.Y.34.http-alt: Flags [S], seq
> 2834989906, win 8192, options [mss 1428,nop,wscale 8,nop,nop,sackOK],
> length 0
>
> IP Y.Y.Y.60 is the VIP in the balancer. the ip Y.Y.Y.34 is the real server
> ip. Then, i can say that the balancer is sending traffic, but with a
> tcpdump in the server i cannot see traffic from client (real ip source).
>
> I appreciate if you can give me a light to solve this behavior. Thanks for
> your help.
>
>
> Cordial Saludo,
>
> Winston Gaviria
>
> Winston Gaviria.
> Cel. 3003368580
>
> On Fri, Oct 14, 2016 at 5:57 AM, Emilio Campos <
> emilio.campos.mar...@gmail.com> wrote:
>
>> If you require transparency then use L4xNAT with DNAT, some members of
>> the list are working with this configuration and days ago we talked in a
>> mailing thread about firewall rules needed to allow backends go to another
>> network through the load balancer.
>>
>> Regards!
>>
>>
>> 2016-10-14 9:59 GMT+02:00 Steffen Höhne :
>>
>>> Hi Winston
>>>
>>>
>>>
>>> Use HTTP Farm J
>>>
>>>
>>>
>>>
>>>
>>> Freundliche Grüsse
>>>
>>> Steffen Höhne
>>>
>>> System Engineer
>>>
>>> 
>>> --
>>> JMC Software AG * Riedstrasse 1 * 6343 Rotkreuz * Switzerland
>>> Phone: +41 41 799 02 12
>>> Internet: http://www.jmc-software.ch * Email: *s...@jmc-software.ch
>>> *
>>>
>>> 
>>> --
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> *From:* Winston G. [mailto:argavi...@gmail.com]
>>> *Sent:* Donnerstag, 13. Oktober 2016 22:04
>>> *To:* zenloadbalancer-support@lists.sourceforge.net
>>> *Subject:* [Zenloadbalancer-support] Question about configuration
>>>
>>>
>>>
>>> Good day to everyone,
>>>
>>>
>>>
>>> I am trying to configure a ZLB with a farm tcp or L4xNAT. But i do not
>>> need to change the client ip address into any ZLB ip (NAT), in the
>>> destination server we need the source ip and the "X-Forwarded-For"
>>> configuration is no a option. There is a way to configure it? thanks for
>>> your help,
>>>
>>>
>>>
>>> Regards,
>>>
>>>
>>> Winston Gaviria.
>>>
>>> 
>>> --
>>> Check out the vibrant tech community on one of the world's most
>>> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
>>> ___
>>> Zenloadbalancer-support mailing list
>>> Zenloadbalancer-support@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
>>>
>>>
>>
>>
>> --
>> Load balancer distribution - Open Source Project
>> http://www.zenloadbalancer.com
>> Distribution list (subscribe): zenloadbalancer-support@lists.
>> sourceforge.net
>>
>> 
>> --
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
>> ___
>> Zenloadbalancer-support mailing list
>> Zenloadbalancer-support@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
>>
>>
>
> 
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
> ___
> Zenloadbalancer-support mailing list
>

Re: [Zenloadbalancer-support] Question about configuration

2016-10-14 Thread Winston G.

Good day Emilio,

Thanks for your answer. Look, i have a 2 servers and the balancer in the
same LAN. If i configure the farm with L4xNAT and Snat, i can see the
balacer working but in the servers i cann see the balancer ip, i need to
see the client ip. But if i change to Dnat, i cannot see any of traffic in
the servers (backends).

With a tcpdump in the balancer, i can see:

12:28:34.690771 IP X.X.X.108.51131 > Y.Y.Y.60.http-alt: Flags [S], seq
2834989906, win 8192, options [mss 1428,nop,wscale 8,nop,nop,sackOK],
length 0
12:28:34.690802 IP X.X.X.108.51131 > Y.Y.Y.34.http-alt: Flags [S], seq
2834989906, win 8192, options [mss 1428,nop,wscale 8,nop,nop,sackOK],
length 0

IP Y.Y.Y.60 is the VIP in the balancer. the ip Y.Y.Y.34 is the real server
ip. Then, i can say that the balancer is sending traffic, but with a
tcpdump in the server i cannot see traffic from client (real ip source).

I appreciate if you can give me a light to solve this behavior. Thanks for
your help.


Cordial Saludo,

Winston Gaviria

Winston Gaviria.
Cel. 3003368580

On Fri, Oct 14, 2016 at 5:57 AM, Emilio Campos <
emilio.campos.mar...@gmail.com> wrote:

> If you require transparency then use L4xNAT with DNAT, some members of the
> list are working with this configuration and days ago we talked in a
> mailing thread about firewall rules needed to allow backends go to another
> network through the load balancer.
>
> Regards!
>
>
> 2016-10-14 9:59 GMT+02:00 Steffen Höhne :
>
>> Hi Winston
>>
>>
>>
>> Use HTTP Farm J
>>
>>
>>
>>
>>
>> Freundliche Grüsse
>>
>> Steffen Höhne
>>
>> System Engineer
>>
>> 
>> --
>> JMC Software AG * Riedstrasse 1 * 6343 Rotkreuz * Switzerland
>> Phone: +41 41 799 02 12
>> Internet: http://www.jmc-software.ch * Email: *s...@jmc-software.ch
>> *
>>
>> 
>> --
>>
>>
>>
>>
>>
>>
>>
>> *From:* Winston G. [mailto:argavi...@gmail.com]
>> *Sent:* Donnerstag, 13. Oktober 2016 22:04
>> *To:* zenloadbalancer-support@lists.sourceforge.net
>> *Subject:* [Zenloadbalancer-support] Question about configuration
>>
>>
>>
>> Good day to everyone,
>>
>>
>>
>> I am trying to configure a ZLB with a farm tcp or L4xNAT. But i do not
>> need to change the client ip address into any ZLB ip (NAT), in the
>> destination server we need the source ip and the "X-Forwarded-For"
>> configuration is no a option. There is a way to configure it? thanks for
>> your help,
>>
>>
>>
>> Regards,
>>
>>
>> Winston Gaviria.
>>
>> 
>> --
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
>> ___
>> Zenloadbalancer-support mailing list
>> Zenloadbalancer-support@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
>>
>>
>
>
> --
> Load balancer distribution - Open Source Project
> http://www.zenloadbalancer.com
> Distribution list (subscribe): zenloadbalancer-support@lists.
> sourceforge.net
>
> 
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
> ___
> Zenloadbalancer-support mailing list
> Zenloadbalancer-support@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
>
>
--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot___
Zenloadbalancer-support mailing list
Zenloadbalancer-support@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support

Re: [Zenloadbalancer-support] Question about configuration

2016-10-14 Thread Emilio Campos

If you require transparency then use L4xNAT with DNAT, some members of the
list are working with this configuration and days ago we talked in a
mailing thread about firewall rules needed to allow backends go to another
network through the load balancer.

Regards!


2016-10-14 9:59 GMT+02:00 Steffen Höhne :

> Hi Winston
>
>
>
> Use HTTP Farm J
>
>
>
>
>
> Freundliche Grüsse
>
> Steffen Höhne
>
> System Engineer
>
> 
> --
> JMC Software AG * Riedstrasse 1 * 6343 Rotkreuz * Switzerland
> Phone: +41 41 799 02 12
> Internet: http://www.jmc-software.ch * Email: *s...@jmc-software.ch
> *
>
> 
> --
>
>
>
>
>
>
>
> *From:* Winston G. [mailto:argavi...@gmail.com]
> *Sent:* Donnerstag, 13. Oktober 2016 22:04
> *To:* zenloadbalancer-support@lists.sourceforge.net
> *Subject:* [Zenloadbalancer-support] Question about configuration
>
>
>
> Good day to everyone,
>
>
>
> I am trying to configure a ZLB with a farm tcp or L4xNAT. But i do not
> need to change the client ip address into any ZLB ip (NAT), in the
> destination server we need the source ip and the "X-Forwarded-For"
> configuration is no a option. There is a way to configure it? thanks for
> your help,
>
>
>
> Regards,
>
>
> Winston Gaviria.
>
> 
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
> ___
> Zenloadbalancer-support mailing list
> Zenloadbalancer-support@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
>
>


-- 
Load balancer distribution - Open Source Project
http://www.zenloadbalancer.com
Distribution list (subscribe): zenloadbalancer-support@lists.sourceforge.net
--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot___
Zenloadbalancer-support mailing list
Zenloadbalancer-support@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support

Re: [Zenloadbalancer-support] Question about configuration

2016-10-14 Thread Steffen Höhne

Hi Winston

Use HTTP Farm ☺


Freundliche Grüsse
Steffen Höhne
System Engineer
--
JMC Software AG * Riedstrasse 1 * 6343 Rotkreuz * Switzerland
Phone: +41 41 799 02 12
Internet: http://www.jmc-software.ch * Email: 
s...@jmc-software.ch
--



From: Winston G. [mailto:argavi...@gmail.com]
Sent: Donnerstag, 13. Oktober 2016 22:04
To: zenloadbalancer-support@lists.sourceforge.net
Subject: [Zenloadbalancer-support] Question about configuration

Good day to everyone,

I am trying to configure a ZLB with a farm tcp or L4xNAT. But i do not need to 
change the client ip address into any ZLB ip (NAT), in the destination server 
we need the source ip and the "X-Forwarded-For" configuration is no a option. 
There is a way to configure it? thanks for your help,

Regards,

Winston Gaviria.
--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot___
Zenloadbalancer-support mailing list
Zenloadbalancer-support@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support

Re: [Zenloadbalancer-support] Question about configuration

Re: [Zenloadbalancer-support] Question about configuration

Re: [Zenloadbalancer-support] Question about configuration

Re: [Zenloadbalancer-support] Question about configuration

4 matches

Site Navigation

Mail list logo

Footer information