Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

Defining a Default gateway for a specific Virtual Service

 

Information

 

Summary:

Need to apply a default gateway for a specific Virtual Service to prevent an asymmetric route.

Environment:

Product: LoadMaster

Version: Any

Platform: Any

Application: Any

Question/Problem Description:
  • In certain situations, it may be necessary to force the LoadMaster to always respond to certain client requests through an alternate gateway. This typically happens in a two-armed network configuration when a client that resides on LoadMaster's Real Server network connects to a VS using the VS IP address.
  • Because the LoadMaster 'knows' the network on which the client IP address resides, by default it attempts to respond to the client directly over the Real Server network, rather than responding through the gateway associated with the VS IP. On the client side, you will see broken connections; when the client sees the response on the local Real Server network, it rejects it because it is expecting a response from the VS IP (not the LoadMaster's IP on the local network).
Steps to Reproduce:  
Error Message:  
Defect Number:  
Enhancement Number:  
Cause: When the LoadMaster is deployed within two or more networks, keeping routing correct will make or break the setup
Resolution:
  • Each Virtual Service can be configured with its own gateway. This can be set in the Advanced Properties section of the Virtual Service modify screen. That means you can send Virtual Service responses through a gateway specific to each Virtual Service. Ensure that the gateway is within the same subnet as your Virtual Service.
  • In addition to configuring a gateway for each of the Virtual Services, ensure that responses are sent out on the correct interface. Enabling the Use Default Route Only option will accomplish that. This feature is also located in System Configuration > Miscellaneous Options > Network Options.
  • The Use Default Route Only option tells the LoadMaster to use manually defined routes for specific clients instead of responding to them over directly connected networks.
  • Without forcing the use of the Use Default Route Only option, this scenario can result in asymmetrical routing which may affect users on networks directly connected to the LoadMaster, who can access Virtual Services located on a different interface of the LoadMaster (particularly where a stateful firewall is used).
  • After all of these settings and features have been configured, the LoadMaster should be able to route all traffic appropriately.  

Default_Gateway.PNGUDRO.PNG

Workaround:  
Notes:  

 


Comments