Server configuration for layer 4 DSR mode



Similar documents
Appliance Quick Start Guide. v7.6

Appliance Quick Start Guide v6.21

This article describes a detailed configuration example that demonstrates how to configure Cyberoam to provide the access of internal resources.

Appliance Quick Start Guide. v7.6

Barracuda Load Balancer Administrator s Guide

Appliance Quick Start Guide v6.21

ClusterLoad ESX Virtual Appliance quick start guide v6.3

Supporting Multiple Firewalled Subnets on SonicOS Enhanced

How To Load balance traffic of Mail server hosted in the Internal network and redirect traffic over preferred Interface

Barracuda Load Balancer Administrator s Guide

Appliance Administration Manual. v6.21

Load Balancing Microsoft Remote Desktop Services. Deployment Guide

1 PC to WX64 direction connection with crossover cable or hub/switch

Microsoft Internet Information Services (IIS) Deployment Guide

Chapter 3 LAN Configuration

1:1 NAT in ZeroShell. Requirements. Overview. Network Setup

Load Balancing Barracuda Web Filter. Deployment Guide

Load Balancing Microsoft Terminal Services. Deployment Guide

(1) Network Camera

Configuring a VPN for Dynamic IP Address Connections

F-SECURE MESSAGING SECURITY GATEWAY

Load Balancing Microsoft IIS. Deployment Guide

Application Note. Stateful Firewall, IPS or IDS Load- Balancing

Load Balancing Bloxx Web Filter. Deployment Guide

Loadbalancer.org. Loadbalancer.org appliance quick setup guide. v6.6

Workflow Guide. Establish Site-to-Site VPN Connection using RSA Keys. For Customers with Sophos Firewall Document Date: November 2015

Smoothwall Web Filter Deployment Guide

Configure SPLM 2012 on Windows 7 Laptop

How To Industrial Networking

Application Note. Active Directory Federation Services deployment guide

CREATING AN IKE IPSEC TUNNEL BETWEEN AN INTERNET SECURITY ROUTER AND A WINDOWS 2000/XP PC

Exchange 2013 deployment guide

How to Guide: StorageCraft Cloud Services VPN

Network Load Balancing

Deploying Windows Streaming Media Servers NLB Cluster and metasan

Microsoft Windows 2008 Media Server Load Balancing with Radware AppDirector.

NETFORT LANGUARDIAN INSTALLING LANGUARDIAN ON MICROSOFT HYPER V

Sophos UTM Software Appliance

How To - Configure Virtual Host using FQDN How To Configure Virtual Host using FQDN

How To Configure Windows Server 2008 as a RADIUS Server with MS-CHAP v2 Authentication

Barracuda Load Balancer Administrator s Guide

Configuring Global Protect SSL VPN with a user-defined port

Web Authentication Application Note

PFSENSE Load Balance with Fail Over From Version Beta3

Firewall VPN Router. Quick Installation Guide M73-APO09-380

Multi-Homing Dual WAN Firewall Router

Load Balancing Web Proxies Load Balancing Web Filters Load Balancing Web Gateways. Deployment Guide

How to Prevent Children from Browsing Improper Web Page within the Time Limit Step 1: Get the MAC Address of the Computer that Children Use

Load Balancing SIP Quick Reference Guide v1.3.1

Transparent Firewall/Filtering Bridge - pfsense By William Tarrh

Multi-Homing Security Gateway

Using a simple crossover RJ45 cable, you can directly connect your Dexter to any computer.

Load Balancing Sophos Web Gateway. Deployment Guide

Quick Installation Guide Network Management Card

Microsoft Lync 2010 Deployment Guide

6.0. Getting Started Guide

Appliance Administration Manual. v7.2

Load Balancing McAfee Web Gateway. Deployment Guide

Configuring an IPSec Tunnel between a Firebox & a Check Point FireWall-1

F-Secure Internet Gatekeeper Virtual Appliance

TDP43ME NetPS. Network Printer Server. Control Center. for Ethernet Module

FTP Server Configuration

How to Setup PPTP VPN Between a Windows PPTP Client and the DIR-130.

FSM73xx GSM73xx GMS72xxR Shared access to the Internet across Multiple routing VLANs using a Prosafe Firewall

Load Balancing Trend Micro InterScan Web Gateway

Application Description

Guide to Setting up Internet Connection Sharing for Windows

Step-by-Step Guide for Setting Up IPv6 in a Test Lab

Remote Desktop Services

iboss Enterprise Deployment Guide iboss Web Filters

Barracuda Load Balancer Administrator s Guide

How To Configure Apple ipad for Cyberoam L2TP

HP Device Manager 4.6

1-Port Wireless USB 2.0 Print Server Model # APSUSB201W. Quick Installation Guide. Ver. 2A

Routing concepts in Cyberoam

Shared Components PSTN gateways PSTN gateways New IP/PSTN Gateway Define New IP/PSTN Gateway Define the PSTN Gateway FQDN FQDN Next

How to Scale out SharePoint Server 2007 from a single server farm to a 3 server farm with Microsoft Network Load Balancing on the Web servers.

Enabling NAT and Routing in DGW v2.0 June 6, 2012

Internet Guide. Prepared for 55 John Street

CET442L Lab #2. IP Configuration and Network Traffic Analysis Lab

IP Office - Job Aid Remote Access

Deploying the BIG-IP System for Microsoft Application Virtualization

Load Balancing Smoothwall Secure Web Gateway

Technical Note. Monitoring Ethernet Traffic with Tolomatic ACS & Managed Switch. Contents

Load Balancing Clearswift Secure Web Gateway

Option nv, Gaston Geenslaan 14, B-3001 Leuven Tel Fax Page 1 of 14

Optional VBP-E at the Headquarters Location

BR Load Balancing Router. Manual

Virtual Appliance Setup Guide

Chapter 7 Troubleshooting

Configuring Security for FTP Traffic

Configuring NXT Hardware with Mercury Inside into Doors.NET TM Application Note

This document details the following four steps in setting up a Web Server (aka Internet Information Services -IIS) on Windows XP:

VPN Tracker for Mac OS X

Virtual Office Remote Installation Guide

MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # )

How to configure your Thomson SpeedTouch 780WL for ADSL2+

Moxa Device Manager 2.0 User s Guide

Transcription:

ALOHA Load-Balancer - Application Note Document version: v1.1 Last update: 4th March 2014 EMEA Headquarters 3, rue du petit robinson ZAC des Metz 78350 Jouy-en-Josas France http://www.haproxy.com/

Purpose Server side configuration to be compatible with an ALOHA Load-Balancer configured in Layer 4 DSR mode. DSR (stands for Direct Server Return) is also known as gateway mode Complexity Versions concerned Aloha 4.2 and above Changelog Version Description 1.1 HAProxy Tech. theme update minor changes 1.0 Initial release Page 2 of 7

Reminder about Gateway or DSR mode In layer 4 gateway mode, the ALOHA Load-Balancer sees only the traffic going from the client to the server. The servers answer directly to the client through its default gateway. As shown in the diagram above: the client reaches the Virtual IP which is configured on the Load-Balancer The ALOHA Load-Balancer chooses a server based on its configuration, then change the destination MAC address of the frame before forwarding it to the server The server gets the packets corresponding to the request When the server answers back to the client, it does it directly, bypassing the ALOHA Load-Balancer In order to work in such way, the server must hosts the Virtual IP too, but should not answer to ARP requests with it. And this is where you need the current document to know how to configure your servers properly. Page 3 of 7

Linux configuration Alias creation on the loopback interface Create a loopback interface (ie lo:1) with the Virtual IP address and a netmask value setup to 255.255.255.255 (/32). Don t forget to make it resilient at start up. This configuration depends on the Linux distribution you re using. System parameters Setup the two sysctls below: arp_ignore must be set to 1 arp_announce must be set to 2 To apply the changes directly, run the commands below: sysctl -w net.ipv4.conf.all.arp_ignore=1 sysctl -w net.ipv4.conf.all.arp_announce=2 In order to makes these changes resilient after reboot, edit your /etc/sysctls.conf file then add the two lines below: net.ipv4.conf.all.arp_ignore=1 net.ipv4.conf.all.arp_announce=2 To get more information about these sysctls settings, read the chapter "Further reading" at the end of this document. Page 4 of 7

Windows 2003 configuration Create the loopback interface Click on the Start menu, then on Control Panel and finally on Add Hardware Select Yes, I have already connected the hardware, then click on Next In the list of installed hardware, select Add a new hardware device, then click on Next Select Install the hardware that I manually select from a list, then click on Next Select Network adapters, then click on Next In the Manufacturer list, select Microsoft In the Network Adapter list, select Microsoft Loopback Adapter again Click on Finish Configure the Virtual IP Now you can configure the Virtual IP address on the loopback interface, with a netmask value setup to 255.255.255.255 (/32) and without default gateway setting. You have to set the interface metric to 254, in order to prevent the loopback network adapter from answering ARP requests: When setting up the IP address, click on Advanced, uncheck Automatic metric then set interface metric to 254. Page 5 of 7

Windows 2008 configuration Create a loopback adapter Go in the Device Manager, then: Right-click on Computer Name, choose Add Legacy Hardware Choose Install the hardware I manually select from a list Choose Network Adapters Choose Microsoft on the left and Loopback adapter on the right It is recommended to rename the loopback you ve just created to something more admin friendly. It will ease the job from the next step Allow traffic on the loopback interface In the example below, we have a physical interface, called LAN and a loopback interface, called LO. Run the command below: netsh interface ipv4 set interface "LAN" weakhostreceive=enabled netsh interface ipv4 set interface "LO" weakhostreceive=enabled netsh interface ipv4 set interface "LO" weakhostsend=enabled Firewall settings Don t forget to configure the firewall on the loopback interface, allowing the traffic it is supposed to receive. Virtual IP address configuration Now you can configure the Virtual IP address on the loopback interface, with a netmask value setup to 255.255.255.255 (/32) and without default gateway setting. Page 6 of 7

Further reading Linux sysctls More information on the required sysctls can be found in the link below, as well as information on many sysctls: http://www.kernel.org/doc/documentation/networking/ip-sysctl.txt Microsoft Technet links Install a loopback interface on Windows Server 2003: http://support.microsoft.com/kb/842561 Install a loopback interface on Windows Server 2008: http://technet.microsoft.com/en-us/library/cc708322.aspx Page 7 of 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information