The LoadMaster has various routing-related options, such as transparency, Subnet Originating Requests (SOR), and Use Default Route Only.

When using the LoadMaster, you may experience different routing scenarios. The purpose of this document is to explain the different routing options and how routing can be managed inside a network.

The above network diagram shows an example standard two-armed setup:

  • The client has an internal IP address of 192.168.1.x/24
  • When it connects to the public site, the firewall will Network Address Translate (NAT) traffic from external networks to another IP address
  • In this case, it will NAT the traffic to the 10.10.10.x/24 network
  • The Virtual Service (VS) is on 10.10.10.12/24 (eth0 network)
  • The Real Server is on 10.15.15.100/24 (eth1 network)

Depending on transparency and SOR, the Real Server may see traffic originating from a different IP address.

Transparency

Subnet Originating Requests

Real Server sees

Disabled

Disabled

VS address

Disabled

Enabled

LoadMaster Real Server-side interface address

Enabled

Disabled

Client IP address

Enabled

Enabled

Client IP address

If transparency is enabled, SOR does not have any effect on the routing of traffic.

For further details, refer to the following sections:
Note: By default, health checks are always sent from the interface of the Real Server network for local Real Servers. For non-local Real Servers, how the LoadMaster sends the health check depends on the routing configuration, such as the scenario below:

When both the Transparency and Subnet Originating Requests options of a Virtual Service are both disabled, health checks from the LoadMaster will reach the Real Server with the source IP address of the Virtual Service IP address, rather than the applicable interface IP address. LDAP health checks are excluded from this behavior - they originate from the interface IP address.