Subnet Originating Request with non-local real servers

When using a virtual service that has non-local real servers the source address will always be the virtual service ip address. Some environments want to have the source ip to be the interface of the loadmaster and not the virtual service ip. The following article will show you how to set this up.

Pre-requisite: Make sure Allow connection scaling over 64K Connections is checked, the option (Alternate Source Addresses) will not show up in Advanced properties until this is checked.

This is located in System Configuration -> Miscellaneous Options -> L7 Configuration -> Allow connection scaling over 64K Connections.

 Next, you will have to navigate to the virtual service that you want to change the source ip of. Navigate to advanced properties -> Alternate Source Addresses and type in the new source ip address. You will not need to add the CIDR here.
asa.png

You can make the Alternate Source Addresses the ip of whatever source ip you would like to see the traffic come from.  Just need to make sure your real server knows how to send the traffic back to the new source ip


After completing the configuration you can verify this is all working by taking a packet capture on the loadmaster. In my test environment, I made the alternate source ip 192.20.2.1. As you can see in the screenshot the source ip is now 192.20.2.1.

 pcap.png

My real server doesn’t know where this ip is so it will not complete the TCP connection.

Was this article helpful?

0 out of 0 found this helpful

Comments