FLB - Single Arm reverse proxy and real servers default gateway, what to use?

0

First off I think the KEMP supplied documentation is really helpful. However I'm struggling to get this fully implemented. My main use is to use the FLB as a reverse proxy in a single arm flat network structure.

Its a home network / homelab and I have a number of web accessible services which I'd like re-route using the LB.

In this set-up should the real servers default gateway be that of the Kemp appliance or the switch / router?

1 comment

Avatar
0
Tony Vaughan

Hi Steve,

short answer,
you should only need to set the real servers gateway as the LoadMaster if you are using transparency

longer answer,
the question you need to ask is what is the real server seeing as the source address of the traffic
if transparency is enabled then the real server will see traffic from the client's address
(please see the transparency documents for full requirements
also note Layer 4 is always transparent)

if transparency is disabled then the real server will see traffic from the virtual service or interface address of the LoadMaster
the real server should return traffic directly to the LoadMaster as it has a direct connection,

the real server will only use its gateway if the traffic is going to a non-local subnet


Transparency documents
https://support.kemptechnologies.com/hc/en-us/articles/203126369-Transparency
https://support.kemptechnologies.com/hc/en-us/articles/360003142651-Transparency