On 2019/11/05 20:46, Mischa Peters wrote: > When you are using transparent (Direct Server Return) you have to make sure > you disable ARP on the servers you are load balancing.
Transparent is not "direct server return", that is done with "route to". > What happens with transparant is that the server gets the client IP as > source, not the IP of relayd, and will respond directly to the client from > its own IP address. The client is expecting a response from the relayd IP > address and doesn’t respond to the server. The client is expecting a response from the address it sent packets to, "transparent" doesn't interfere with this. There is something fiddly with the config for "transparent" but it should be possible to do what OP wants if relayd is on a machine on the network path between client and destination (e.g. on a firewall/router).
