cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

NLB and NAT

paulo_morgado
Participant

I'm a bit confused about the configuration of NAT in NLBs.

I have an NLB with, say, the 10.254.130.26 IP address. But the balanced servers receive the traffic from the 10.254.130.27 IP address.

Should IP configure 10.254.130.26 as the IP address of the software servisse and 10.254.130.27 as the NLB NAT masking IP address? 

4 REPLIES 4

adam_piotrowicz
Dynatrace Pro
Dynatrace Pro

You should provide the first address, 10.254.130.26.

We suppose this is the address that is seen by the client and this is what we're interested in (not the one that servers see).

In the documentation it's described as:

Version 12.1, DCRUM_MiscProtosMonitoringUserGuide.pdf, Chapter 5
If the servers you intend to monitor reside behind an appliance that masks and replaces the addresses of the target servers, you need to set NLB NAT masking IP address to the IP address of the masking server.

Without doing so, the AMD will see two unidirectional conversations instead of one bi-directional conversation between the servers and appliance:

- The conversation between the client and server is observed and recorded (IP address A talking to IP address B)
- When a response travels to the client, a different session (IP address C talking to IP address A) is recorded due to the server's IP address being replaced by the load balancer's IP address.





pawel_brzoska
Inactive

If servers send back the replies to .130.27, than dont use "NLB NAT masking option". It should be used only if servers are sending back replies directly to user IPs, bypassing NLB NAT translation of .130.27 to original Client IP.

taral_parekh
Participant

Hi, I have same question. My client uses load balancer and target servers are behind load balancer. Balancer has been given IP address say XX. Here is scenario.

For the Test Application , test.com is the main URL to which the users connect. This is on XX IP address. This is hosted on the load balancer.

 

Behind this IP address are the four application servers, AA, BB, CC, DD IP addresses.

 

The Load Balancer uses Round Robin mechanism to allocate sessions to the web servers. A client coming into the NLB on XX will be assigned to AA - DD based upon the LB mechanism.

In the RUM console, I can see two field "main server IP" and "NLB NAT masking IP". Where do we configure XX IP address? any idea?

I am thinking, it should go to NLB NAT Masking but  Pawel advised that it can not be used in case response goes directly to user bypassing NLB?

Please advice.

ulf_thorn222
Inactive

 

Where does the traffic to your AMD originate, from the "Front" of the LB or from the "BACK" or does the LB only use 1 wire?