Direct Server Return (DSR) is a method whereby traffic hits the LoadMaster on the way in and bypasses the LoadMaster on the way out.
The primary advantage of DSR is that the LoadMaster only handles a portion of the work associated with load balancing, specifically the inbound traffic. The servers respond directly to the clients, bypassing the LoadMaster on the way out.
If the particular traffic profile for a site is for every packet in, eight packets are sent out, this would result in the LoadMaster handling around 87% less traffic than it would without DSR.
For DSR to work, the Virtual IP (VIP) address on a Real Server must be configured so that the server does not respond to ARP requests on the VIP address.
For Linux with a recent 2.4 kernel, this can be done by creating the VIP as an IP alias on the loopback interface. On Windows this involves creating a loopback adapter with specific configuration parameters. Refer to the Configuring a VIP on the loopback interface on Linux and DSR Configuration on Windows sections for detailed steps on how to do this in both operating systems.
When you create the Virtual Service, enable Force L4 in Standard Options and select Direct return as the Forwarding method when adding the Real Server. This means that the LoadMaster just routes the packets from a client to a Real Server without modifying the IP addresses. The Real Server accepts requests for the VIP destination address because it has configured the VIP as an IP alias. The Real Server will then reply to the IP address of the requesting client with the source IP address of the reply set to the VIP.
The table below shows an example of DSR steps.
On a linux machine, the "ifconfig -a" command will look something like this:
root@RS1 $ ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:00:00:00:00:bb inet addr: 184.108.40.206 Bcast: 220.127.116.11 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:96561817 errors:526 dropped:0 overruns:5 frame:0 TX
packets:97174301 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 Interrupt:10 Base address:0x4000
lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:3924 Metric:1 RX packets:3985923
errors:0 dropped:0 overruns:0 frame:0 TX packets:3985923 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0
To create an additional loopback interface with an IP alias, use the "ifconfig" command like this:
root@RS1 $ ifconfig lo:1 <VirtualServiceIPAddress> broadcast 18.104.22.168 netmask 255.255.255.255
root@RS1 $ ifconfig lo:1
lo:1 Link encap:Local Loopback inet addr:22.214.171.124 Mask:255.255.255.255 UP LOOPBACK RUNNING MTU:3924 Metric:1
If the machine reboots, this configuration will no longer be available. To set this permanently, some Linux configuration files need to be edited. Steps on how to do this vary from distribution to distribution.
The next step is to disable invalid ARP replies. Add the following to the /etc/sysctl.conf file:
For Windows, it is typically best to use the loopback address. However, to use the loopback address, the loopback adapter needs to be added first. Follow the instructions for the relevant version of Windows below to add the loopback adapter. Then, configure the VIP of the loopback interface by following the instructions in the Configure the VIP of the Loopback Interface section. Add a Loopback Interface on Windows Server 2000.
Follow the instructions below to first add a loopback interface and then configure a VIP in Windows Server 2000:
1. Click Start, select Settings and select Control Panel.
2. Click Add/Remove Hardware.
3. Click Add/troubleshoot a device.
4. Click Next.
5. Click Add a new device.
6. Click Next.
7. Select No, select from list.
8. Click Next.
9. Select Network Adapters.
10. Click Next.
11. Select Microsoft as the Manufacturer.
12. Select MS Loopback Adapter (or Microsoft KM-TEST Loopback Adapter for Windows 8 and Windows Server 2012).
13. Click Next.
14. Click Finish.
To configure the created Loopback Adapter, follow the steps below:
15. Click Start, select Settings and select Control Panel.
16. Click Network and Dial up Connections.
17. Right-click the new adapter and select Properties.
18. Select Internet Protocol.
19. Remove the tick from Client for MS Networks and File and Printer sharing.
20. In TCP/IP Properties, enter the IP address of Virtual Server.
The loopback adapter gets the same address as the LoadMaster Virtual Service IP.
Do not enter a default gateway.
21. Click Advanced.
22. Set the Interface Metric to 254.
This step is important - it prevents the loopback adapter from responding to ARP requests.
23. Click OK and save all changes.
The steps below have been tested in Windows Server 2008 R2 and 2012.
To add a loopback adapter on Windows Server 2008 and 2012, follow the steps below:
1. Click Start and right-click Computer.
2. Select Properties.
3. Click Device Manager.
4. Right-click the computer name and select Add Legacy Hardware.
5. Click Next.
6. Select Install the hardware that I manually select from a list (Advanced).
7. Click Next.
8. Select Network adapters.
9. Click Next.
10. Select Microsoft on the left.
11. Select Microsoft KM-TEST Loopback Adapter on the right.
12. Click Next.
13. Click Next again.
14. Click Start and select Control Panel.
15. Click Network and Sharing Center.
16. Click Change adapter settings.
It is a good idea to rename the adapters so that they are distinguishable, for example; rename the new adapter to loopback and the real network adapter to network.
17. Configure the loopback adapter with the Virtual Service IP. For instructions on how to do this, refer to the Configure the VIP of the Loopback Interface section.
Ensure the "network" adapter is the actual network adapter that will send and receive traffic.
18. On the Windows command line, run the following commands:
netsh interface ipv4 set interface "net" weakhostreceive=enabled
netsh interface ipv4 set interface "loopback" weakhostreceive=enabled
netsh interface ipv4 set interface "loopback" weakhostsend=enabled
On the Windows command line, run the following commands:
netsh interface ipv6 set interface LAN weakhostreceive=enabled
netsh interface *ipv6 *set interface Kemp-SMTP-LOOPBACK weakhostreceive=enabled
netsh interface *ipv6 *set interface Kemp-SMTP-LOOPBACK weakhostsend=enabled
In the loopback adapter properties:
IPv6 address: <IPAddressOf TheVIP>
Subnet prefix length: 128
In Advanced Properties, set the Interface metric to 254.
If you want IPv6 DSR, you must have the IPv6 address as the primary address on the interface. Additional addresses may be IPv6 or IPv4, as required.
To configure the VIP of the loopback interface, follow the steps below:
1. Click Start and select Control Panel.
2. Click Network Connections.
3. Right-click the loopback interface and select Properties.
4. Select Internet Protocol (TCP/IP).
5. The TCP/IP properties window will appear. This is where the Virtual Service IP address can be configured. Enter the Virtual Service IP address and click Advanced....
6. Advanced TCP/IP SettingsRemove the check from the Automatic metric checkbox.
7. Enter 254 in the Interface metric text box.
8. Click OK to activate the change.
9. Click OK and Close.
This document was last updated on 10 March 2022.