VMware Networking Community
yhum
Contributor
Contributor
‎10-16-2018 06:59 PM

ESG Inline Load Balancing where DLR is the Default Gateway

Hello All,

In regard to ESG's Load balancing service, I read at many places that the ESG must be the default gateway of the servers network in case of Inline LB mode (DLR can't be in the path). However, I feel like the below design would work If I enable Source NAT in Inline mode. ESG will do the both Source and Destination NAT and send traffic to the Internal server. Since the Internal server see the traffic coming from ESG IP address (instead of actual source), server will return the response to ESG using DLR as its default gateways.

Please see the sample topology below (also attached) and give your thought. I would appreciate if someone share the experience and/or lesson learned.

ESG-Inline-Topology.png

Preview file
20 KB
Reply
0 Kudos
2 Replies
lhoffer
VMware Employee
VMware Employee
‎10-17-2018 08:11 AM

The topology you reference is fine as the inline mode doesn't explicitly require that the ESG be the default gateway (the Configure a One-Armed Load Balancer​ section makes a reference to that being a requirement only when the ESG and pool members are on the same subnet and you use transparent mode).  The only requirement is that the ESG must be in the return path for all client sessions as direct server return (DSR) is unsupported so as long as you won't have any clients accessing the LB from other interfaces on the DLR (which could then forward return traffic directly to them and bypass the ESG) your topology works fine as the ESG is still in the traffic path.

Reply
0 Kudos
HassanAlKak88
Expert
Expert
‎10-23-2018 07:14 AM

Hello,

Noting that the default gateway of load balanced servers should be the ESG (Load balancer) only when the ESG and members are on the same subnet like the below design:

pastedImage_1.png

But in your case and following your network design, it is correct and no need to change the gateway configuration.

Please consider marking this answer "CORRECT" or "Helpful" if you think your question have been answered correctly.

Cheers,

VCIX6-NV|VCP-NV|VCP-DC|

@KakHassan

linkedin.com/in/hassanalkak


If my reply was helpful, I kindly ask you to like it and mark it as a solution

Regards,
Hassan Alkak
Reply
0 Kudos