Extreme Networks Px Series manual NAT Modes, Full-NAT Mode

Page 72

NAT Modes

Network address translation (NAT) is one of the cornerstones of server load balancing. To balance the load between the various real servers, the server load balancer uses a single IP address, called a virtual IP address, to represent the entire group of servers that make up a website.

When a client request arrives at the virtual IP address, the load balancer must rewrite the destination IP address, so that it can forward the request to a server for processing. Likewise, when the server responds to the request, the server address must also be translated from its own unique address to that of the virtual IP, so that it can be sent back to the user. This process of translating one network address into another is called network address translation (NAT).

Full-NAT Mode

In full-NAT mode, the server load balancer translates both the source and destination IP addresses—those of the client and the server—before sending the request onto the user. For the point of view of the server fulfilling the request, it appears as though the client making the request is actually the server load balancer.

Advantages of full-NAT mode are:

•No configuration is necessary on the Layer 2/3 switch connected to the application switch.

•It can be deployed in any network architecture.

•Clients can be on the same subnet as the servers.

•It allows interoperation with any vendors switch, regardless of support for policy routing.

You must run in full-NAT mode if:

•Clients and servers are on the same layer 2 network segment.

•The switch connected to the application switch does not support layer 3 policy routing based on source IP address, port, and protocol.

•You do not have access to the layer 3 switch to configure policy based routing.

6-14	Px Series Application Switch Installation and Configuration Guide

Image 72

Contents Published April Part number 100101-00 Rev Page Contents Installing the PxM Application Switch Module Configuring Servers and Services Index Index of Commands Preface IntroductionConventions Text ConventionsIcon Alerts you to Convention DescriptionRelated Publications Preface Server Load Balancing Concepts Purpose of Server Load BalancingTerms 1Conceptual view of server load balancingLoad Balancing Modes Layer 4 Load BalancingLayer 7 Load Balancing and Content Analysis 2Single client-server transaction using layer3Establishing a layer 7 request Getting Started on Load Balancing Configuration Port RewriteGetting Started on Load Balancing Configuration Page Installing the SummitPx1 Application Switch Overview of the SummitPx1 Application SwitchSummitPx1 Front View 1Px series application switch LEDs Color IndicatesSummitPx1 Application Switch Rear View Signal Description2DB-9 Adapter Pinouts To DB-9Installing the SummitPx1 Application Switch Determining the LocationRack Mounting Powering On the SummitPx1 Free-StandingSetting Up Console Communication Configuring Switch IP Parameters Configuring the 10/100 Ethernet Management Port Installing the PxM Application Switch Module Installing I/O ModulesRemoving I/O Modules Removing I/O Modules Page Managing the Switch Using the Command-Line Interface Abbreviated Syntax and Command CompletionSyntax Symbols 1Command Syntax SymbolsSymbol Description Line-Editing KeysSpecifying Text Values 2Line-Editing KeysConfiguring Management Access Command HistoryPrompt Text Changing the Default Passwords Creating Accounts Modifying AccountsCommand Description Managing the PxMConfiguring VLANs Configuring Snmp 4SNMP Configuration SettingsSetting Description System ContactConfiguring DNS Client Services SettingDescriptionUsing Secure Shell 2 SSH2 5DNS Client Configuration CommandsEnabling SSH2 for Inbound Switch Access Config ssh2 keyUsing SCP2 from an External SSH2 Client SSH2 Client Functions on the Switch Utilities Showing CPU LoadChecking Basic Connectivity Logging Configuring a Startup Banner Message Starting the GlobalPx Content Director AgentExample Configuration Internet DNS serverFollowing commands configure all system-related facilities Page Configuring Servers and Services Configuring Real ServersConfiguring Server Groups Configuring Virtual Services Layer 7 Virtual Services Layer 4 Port-based Load BalancingConfiguring Traffic Tagging Configuration Example 1Tag SpecificationsTag Specification Description Tag Range Configuration Example Page Choosing Policies, Persistence Modes, and NAT Scheduling PoliciesPersistence Modes 1Scheduling PoliciesSpecifier Policy Description Client IP Persistence Mode UDP Flow Persistence1Client IP persistence mode Configuring Client IP Stickiness Cookie Persistence Modes2Self-identifying cookie persistence mode Persistence Modes Hashed Cookie Persistence Session Learned Cookie Persistence Mode 4Learned cookie persistence mode Configuring Cookie Stickiness SSL Session Identifier Persistence Full-NAT Mode NAT ModesServer-only Half-NAT Mode Configuring Full-NAT Mode and Proxy IP AddressesConfiguring Half-NAT Mode Config source-flow name next-hop gateway-mode ip Real Syslog server SummitPx1 Configuration Example Page URL Switching Domain and URL SwitchingDomain Switching 1Typical switching scenario2Domain switching example Configuring URL Switching URL Switching3Simple URL switching example 4More Complicated URL switching example 5Hierarchical approach to pattern rules Creating Domain and URL Switching Rules 1Wildcard CombinationsWildcard Example Definition Modifying Existing URL Rules and Domains Application Servers Management net Configuration Example Page Configuring Redundancy Using Vrrp with the SummitPx1Adding and Configuring VRRPs Give backup systems lower prioritiesUsing Vrrp in Existing Redundant Networks 1Application switch using multiple VLANs Vrrp Automatic SynchronizationFollowing commands can be passed from master to backup Configuring Redundancy for the PxM Using Esrp with the PxMConfiguring the PxM for Multiple VLANs For SW2Configuring a Default Gateway Health Checks OverviewServer Startup Pacing Health Checking Procedure Configuring Health Checks Timers and CountersTypes of Health Checks You can disable health checks for a server group Page Monitoring the Switch 1Statistics Display CommandsShowing Traffic Statistics Displays packet-level counters for Showing Configuration Details 2Configuration Display CommandsConfiguration Displays Status Displays SummitPx128 # show server detailsShow health Information Column DescriptionManaging and Troubleshooting Operation 5Management and Troubleshooting CommandsCommandDescription Index EsrpHttp GET AUX Page Index of Commands