Direct Server Return -
When enabled, Equalizer forwards packets to the server in such a way that
the server responds directly to the client, rather than through Equalizer.
This option requires special configuration on the cluster; see
figuring Direct Server Return"
before enabling this
option. The
spoof
option must also be enabled when this option is enabled.
Spoof
When the
Spoof
option is enabled on a cluster, Equalizer uses the client’s
IP address as the source IP address in all packets sent to a server in that
cluster.
When
Spoof
is enabled, all server responses to client requests that came
through the Equalizer cluster IP address must be routed by the server
back to the client through Equalizer. In many cases, the easiest way to do
this is to set the default gateway on the server instances in the server pool
on a cluster to Equalizer’s IP address on the server VLAN. If this is not pos-
sible, you can establish static routes on the server to send responses to
specific client IP addresses to Equalizer’s IP address on the VLAN.
If you disable
Spoof
, the server receiving the request will see Equalizer’s
IP address as the client address because the TCP connection to the client is
terminated when the request is routed. The server will therefore send its
response back to Equalizer’s IP address.
When the
Spoof
flag is disabled on a Layer 4 cluster:
If there is more than one VLAN defined, all server instances on a server
pool
must
be located on the second defined VLAN in the configuration (the
VLAN that appears after the
Default
VLAN in the GUI, in
ifconfig
output,
and in the configuration file), so that source NAT will work correctly. This
is because the source IP address used when
spoof
is disabled is the Equal-
izer IP address on that VLAN.
Click on the
Commit
button after making changes.
Copyright © 2014 Coyote Point Systems, A Subsidiary of Fortinet, Inc.
All Rights Reserved.
337
Equalizer Administration Guide
Summary of Contents for Equalizer GX Series
Page 18: ......
Page 32: ...Overview 32 Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc ...
Page 42: ......
Page 52: ......
Page 64: ......
Page 72: ......
Page 76: ......
Page 228: ......
Page 238: ......
Page 476: ......
Page 492: ......
Page 530: ......
Page 614: ......
Page 626: ......
Page 638: ......
Page 678: ......
Page 732: ...Using SNMP Traps 732 Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc ...
Page 754: ......
Page 790: ......
Page 804: ......
Page 842: ......
Page 866: ......