VS with public IP on LMs with private IP

0

We've installed two LM-2600s in our DMZ to load balance 2 internet services.
The LMs are on a private IP subnet, as well as the real servers. When I want to add the public IP to the virtual service, I get an error "Virtual service not on available network".

To resolve this, we're thinking of these two options:
1. Add a public IP to the eth0 of the LMs, under 'Additional addresses'. Eth0 is the only NIC in use.
2. Give the virtual services private IPs and NAT the public IPs on the firewall down to the private IP on the LMs.
Would both of these options work? Is there even another way of doing it? Since we don't have that many, we'd like to avoid using up an additional public IP for this.

Possibly unrelated: Another real server is in our normal LAN (different subnet) and so the virtual service accessing that is set to allow real servers in other networks.

Thanks in advance
Felix

2 comments

Avatar
0
Barry Gleeson

Hi Felix,
VIPs can only be added on a network for which the Loadmaster has an interface.
Both options above are reasonable solutions.

Using a single Interface you could also use VLANs to allow multiple network on the same Physical Interface. The Public Service would then become a "Two-armed" Virtual Service with requests coming in on one network and Real Servers on another network. (This would be similar with an additional interface used but the subnets would not be segregated)

NATing would mean the service would remain as one armed (and in effect the loadmaster would see all requests as being to the private VIP with no difference in how they would be processed)

Barry

Avatar
0
kempsupportaccount

Thanks Barry
that's what I was looking for