To decide whether or not network transparency is needed, ask this question: does the IP address of the client requests need to appear in the logs?

If the answer is yes, then network transparency may be required (other options may be to use X-Forwarded-For or Direct Server Return). If transparency is required, the LoadMaster will need to be configured and the network will need to be designed in a certain way, which this document will describe.

If the answer is no, then there is a little more flexibility in how the network can be configured.

The table below shows a matrix of the advantages and disadvantages of transparency.

Pro/Con

Transparent

Non-Transparent

Pro

Preserves the source IP address

Can browse from the same subnet as the Real Server

Pro

Works with Layer 4 (L4) and L7

No need to change the default gateway

Con

Cannot browse from the same subnet as the Real Servers

The source IP address is not preserved (but X-Forwarded-For header can be used)

Con

The default gateway must be the LoadMaster

Only available for L7

Con

Cannot have non-local Real Servers

Con

Cannot use with SSL re-encryption

The transparency settings are based on making sure that traffic moves from the Real Server back to the client through the LoadMaster. This type of symmetric routing, that is, going in and out of the LoadMaster, is an inherent requirement of all load balancers (with the exception of employing direct server return, a feature which the LoadMaster supports, which has its own set of limitations).