Re: Client IP behind Load Balancer
From: Cédric Dardenne (cedric.nospam_dardenne_at_accenture.com)
Date: 11/16/04
- Next message: Ken Schaefer: "Re: No Web Server Detected"
- Previous message: Andreas: "RE: cannot start www publishing service error 3"
- In reply to: srock: "Re: Client IP behind Load Balancer"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 16 Nov 2004 10:04:08 +0100
Thanks a lot!
Cédric
-- Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning. -- Rich Cook srock wrote: > Yes - in order to preserve the client IP, your web servers must use the > BigIP as its default gateway. > > FYI - the nPath routing the you asked about is usually used when load > balancing streaming content where you don't want the return traffic to go > through the BigIP. In this case your servers don't use the BigIP as its > default gateway and you need to configure the MS loopback adapter to use > the same IP address as the VIP on the BigIP. > > Seth > > "Cédric Dardenne" <cedric.nospam_dardenne@accenture.com> wrote in message > news:u0K1kl0yEHA.1264@TK2MSFTNGP12.phx.gbl... >> Hi again, >> >> It seems that there is a firewall between our servers and the F5 BigIP >> and for this reason, request had to be NATed. >> So we will try to move servers into the same DMZ as the F5, and then your >> configuration should work: no NAT and Bip-IP as default gateway. >> >> Thanks, >> >> Cédric >> >> -- >> Programming today is a race between software engineers >> striving to build bigger and better idiot-proof programs, >> and the Universe trying to produce bigger and better idiots. >> So far, the Universe is winning. >> -- Rich Cook >> >> >> Cédric Dardenne wrote: >>> Hi Seth, >>> >>> Thanks for your answer. >>> Unfortunately, I don't have access to F5 configuration or F5 itself... >>> this is our hoster's one (and I have to admit I don't know a lot about >>> it...). >>> >>> If requests are done through the public IP, then they go through the >>> load balancer, and I only see the virtual private IP in the logs. If I >>> make a request on the internal network directly to the real server's >>> IP, then in the logs I see my real client IP, as I don't pass through >>> the load balancer... >>> >>> Would it be possible for you to describe me your configuration, or to >>> send me your config file? This would allow me to advise my hoster... >>> >>> I have been trying to read F5 documentation (:-S...), and saw the nPath >>> routing configuration. Is this the one you are using? My hoster said >>> that this would not be allowed by their firewall as the anwser doesn't >>> come from the same host it was sent to... (is it true?) >>> >>> Thanks for your advises, >>> >>> Cedric >>> >>> >>> srock wrote: >>>> Hi, >>>> >>>> I have F5's in place and the client IP's are preserved in the logs as >>>> expected. I have a few questions: >>>> >>>> 1. Are ALL of the requests in your logs coming from the bigip? >>>> 2. Is the default gateway on your web servers set to the big IP? >>>> 3. Can you post the contents of your bigip.conf file? >>>> 4. Can you post the results of: b global show >>>> >>>> thanks, >>>> >>>> Seth >>>> >>>> >>>> >>>> "Cédric Dardenne" <cedric.nospam_dardenne@accenture.com> wrote in >>>> message news:%23STJGDZyEHA.2212@TK2MSFTNGP15.phx.gbl... >>>>> Hi all, >>>>> >>>>> We have a website running under II5 (W2k SP4). To analyze logs, we use >>>>> WebTrends Pro. However our servers are behind a physical load balancer >>>>> (F5). Thus, in IIS logs, we now only see the load balancer's virtual >>>>> IP address instead of the real client IP... >>>>> >>>>> I guess I might not be the first facing this issue... Would you have >>>>> any solution? >>>>> >>>>> Thanks a lot, >>>>> >>>>> Cedric >>>>> >>>>> -- >>>>> Programming today is a race between software engineers >>>>> striving to build bigger and better idiot-proof programs, >>>>> and the Universe trying to produce bigger and better idiots. >>>>> So far, the Universe is winning. >>>>> -- Rich Cook
- Next message: Ken Schaefer: "Re: No Web Server Detected"
- Previous message: Andreas: "RE: cannot start www publishing service error 3"
- In reply to: srock: "Re: Client IP behind Load Balancer"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
