Link Load Balancing with LTM + DNS
Hi,
Migrating Radware LinkProof to F5 BIGIP (LTM+DNS) for the outbound and Inbound load balancing.
- One of the ISP Link Public NATing is done on the Firewall. We need to configure No NAT for both outbound and inbound load balancing.
- Successfully configured the Outbound load balancing. When trying to inbound for the RDP connection from the external Client to RDP server is not working.
Below log while packet capture:
tcpdump -vvv -nni 0.0 host 223.228.180.23
tcpdump: listening on 0.0, link-type EN10MB (Ethernet), capture size 65535 bytes 13:38:34.941681 IP (tos 0x68, ttl 118, id 16746, offset 0, flags [DF], proto TCP (6), length 52) 223.228.180.23.47419 > 14.143.140.54.3389: Flags [S], cksum 0xfa04 (correct), seq 3437007770, win 8192, options [mss 1300,nop,wscale 2,nop,nop,sackOK], length 0 in slot1/tmm2 lis= 13:38:34.941691 IP (tos 0x68, ttl 118, id 16746, offset 0, flags [DF], proto TCP (6), length 52) 223.228.180.23.47419 > 14.143.140.54.3389: Flags [S], cksum 0xfa04 (correct), seq 3437007770, win 8192, options [mss 1300,nop,wscale 2,nop,nop,sackOK], length 0 out slot1/tmm2 lis= 13:38:34.942199 IP (tos 0x0, ttl 128, id 14983, offset 0, flags [DF], proto TCP (6), length 48) 14.143.140.54.3389 > 223.228.180.23.47419: Flags [S.], cksum 0xdf31 (correct), seq 4236588370, ack 3437007771, win 8192, options [nop,wscale 8,nop,nop,sackOK], length 0 in slot1/tmm2 lis= 13:38:34.942216 IP (tos 0x0, ttl 255, id 19729, offset 0, flags [DF], proto TCP (6), length 40) 223.228.180.23.47419 > 14.143.140.54.3389: Flags [R.], cksum 0x2edc (incorrect -> 0x2845), seq 1, ack 1, win 0, length 0 out slot1/tmm2 lis= 13:38:37.852655 IP (tos 0x68, ttl 118, id 16749, offset 0, flags [DF], proto TCP (6), length 52) 223.228.180.23.47419 > 14.143.140.54.3389: Flags [S], cksum 0xfa04 (correct), seq 3437007770, win 8192, options [mss 1300,nop,wscale 2,nop,nop,sackOK], length 0 in slot1/tmm2 lis= 13:38:37.852665 IP (tos 0x68, ttl 118, id 16749, offset 0, flags [DF], proto TCP (6), length 52) 223.228.180.23.47419 > 14.143.140.54.3389: Flags [S], cksum 0xfa04 (correct), seq 3437007770, win 8192, options [mss 1300,nop,wscale 2,nop,nop,sackOK], length 0 out slot1/tmm2 lis= 13:38:37.853107 IP (tos 0x0, ttl 128, id 14984, offset 0, flags [DF], proto TCP (6), length 48) 14.143.140.54.3389 > 223.228.180.23.47419: Flags [S.], cksum 0x1390 (correct), seq 4237623524, ack 3437007771, win 8192, options [nop,wscale 8,nop,nop,sackOK], length 0 in slot1/tmm2 lis= 13:38:37.853128 IP (tos 0x0, ttl 255, id 19741, offset 0, flags [DF], proto TCP (6), length 40) 223.228.180.23.47419 > 14.143.140.54.3389: Flags [R.], cksum 0x2edc (incorrect -> 0x5ca3), seq 1, ack 1, win 0, length 0 out slot1/tmm2 lis=
Need to achieve the No NAT function for one of the ISP and NAT for the other ISP links.