ltp_55848
Jul 06, 2011 | Nimbostratus
Hi Bhattman,
Sorry for the confusion. The primary reasons for this design were that the client IP address be preserved without using an X-Forwarded-For header, and that other non-service-related traffic (specifically high-bandwidth traffic like backups) did not traverse the F5s.
The first requirement ruled out SNAT'ing incoming traffic and the second requirement ruled out the common approach of using the F5 as a default gateway (that is, without requiring additional complexity on the client side), so PBR was used to route server reply traffic via the F5s whilst allowing all other traffic to continue to be routed via the default gateway.