On Fri, May 24, 2002 at 03:13:31PM +0100, Malcolm Turnbull wrote:
:
: If a NEW packet comes in and is NATed to the Loadbalancer,
: the loadbalancer then re-directs to the web server,
: and the web server then replies to the requestor...
:
: I assume this will be dropped by a FORWARD NEW,ESTABLISHED rule ?
:
: i.e. it's NOT NEW (because it's a reply)
: it's NOT ESTABLISHED (because it came from a different server) ?
:
: or am I talking rubbish ?

You're correct, however, most load balancers easily overcome this by
using src/dst hashing or some other means to provide a "sticky server"
kind of user experience. The notion of a sticky server becomes
particularly important when using applications written in ASP, JSP,
PHP, etc. - using session data. Use a reasonable L4-7 switch (F5,
Foundry, etc.) and you'll be fine.
--
Jason Costomiris <>< | Technologist, geek, human.
jcostom {at} jasons {dot} org | http://www.jasons.org/
Quidquid latine dictum sit, altum viditur.
My account, My opinions.
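
The case raised in the quoted question, as an added example that is not part of the original message: a simplified Python model of connection-tracking tuple matching on the firewall, comparing a reply that returns through the load balancer with one sent directly by the web server. The addresses and the names `Conntrack`, `forward_allows` and `run` are constructed, and the model assumes any untracked non-SYN packet is classified INVALID.

```python
# Simplified model of netfilter connection tracking; not kernel code.
# All addresses and names below are constructed for this example.
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport flags")
CLIENT, VIP, LB, WEB = "198.51.100.7", "203.0.113.10", "10.0.0.2", "10.0.0.11"


class Conntrack:
    def __init__(self, dnat):
        self.dnat = dnat   # {(public_ip, port): (nat_ip, nat_port)}
        self.table = {}    # tuple -> flow record, indexed in both directions

    def classify(self, pkt):
        key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        flow = self.table.get(key)
        if flow is not None:
            if key == flow["reply"]:
                flow["seen_reply"] = True
            return "ESTABLISHED" if flow["seen_reply"] else "NEW"
        if pkt.flags != "SYN":
            return "INVALID"   # assumption: untracked non-SYN packets are invalid
        # New flow: the expected reply tuple is built from the DNAT target,
        # so only replies sourced from that address will match later.
        nat_ip, nat_port = self.dnat.get((pkt.dst, pkt.dport), (pkt.dst, pkt.dport))
        flow = {"reply": (nat_ip, nat_port, pkt.src, pkt.sport), "seen_reply": False}
        self.table[key] = flow
        self.table[flow["reply"]] = flow
        return "NEW"


def forward_allows(state):
    """The FORWARD rule from the question: accept NEW and ESTABLISHED only."""
    return state in ("NEW", "ESTABLISHED")


def run(reply_src):
    """Client SYN to the VIP, then a SYN/ACK arriving from reply_src."""
    ct = Conntrack({(VIP, 80): (LB, 80)})
    syn = ct.classify(Packet(CLIENT, 40000, VIP, 80, "SYN"))
    synack = ct.classify(Packet(reply_src, 80, CLIENT, 40000, "SYN/ACK"))
    return syn, synack


if __name__ == "__main__":
    for label, src in (("reply via load balancer", LB), ("reply from web server", WEB)):
        syn, synack = run(src)
        print(f"{label}: SYN={syn} SYN/ACK={synack} forwarded={forward_allows(synack)}")
```
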