Manualshelf

Specifications

ManualsBrandsBarracuda Networks ManualsComputer equipmentLoad Balancer
31323334353637383940
26 Barracuda Link Balancer Administrator’s Guide
Specifying the Link Used by Outgoing Traffic................................... 26
Changing the Source IP Address of Outgoing Traffic ....................... 27
Specifying the Link Used by Outgoing Traffic
To exempt outgoing traffic from link balancing and/or NAT'ing, create IP/application rules using the
Policy > Outbound Routing page. IP/application routing rules are based on source IP address,
application, and/or destination IP address.
The IP/application routing rules are executed before the link load balancing algorithm. Traffic that
matches no rule is both link balanced and NAT'd. These rules are executed regardless of the firewall
operating mode.
Examples where IP/application routing rules may be useful include:
If you are an ISP with externally accessible IP addresses (ARIN networks) behind the Barracuda
Link Balancer that are not on the same subnet as your WAN interfaces.
If you have subnets that you want to exempt from link balancing.
If you have systems such as mail servers or VPN endpoints that send traffic that must maintain
the original source IP address.
If you have applications that you want to exclude from outgoing link balancing and NAT'ing.
Ping Traffic
To direct ping (ICMP) traffic that originates from behind the Barracuda Link Balancer to use a
specific WAN link:
Create a ping application using the
Policy > Applications page (select ICMP as the protocol, no
port range).
Create one or more IP/application routing rules for the ping application.
As an example, if WAN1 is a private link to an office and WAN2 is a primary link used for other
Internet traffic, make two rules: one that directs ping traffic to the office to use WAN1 and one that
allows all other ping traffic to use WAN2. (Remember that private links are only used if the link is
explicitly referenced).
VPN and Email Rules
During installation, sample disabled IP/application routing rules are automatically created for
outgoing VPN and email traffic to prevent it from being link balanced or NAT'd. To enable those
rules, select the WAN link to be used for the traffic.
If you would like to link balance outgoing email or VPN traffic because you have created a way to
make that acceptable to the receiver, you can leave the rules in their disabled state or delete them. (For
example, you may have created multiple SPF or DNS records for the WAN IP addresses).
Externally Accessible IP Addresses
If you would like to direct traffic from externally accessible IP addresses behind the Barracuda Link
Balancer to the WAN link that is on the same subnet, create one or more rules where those addresses
are the source IP addresses, link balancing and NAT are turned off, and
Primary Link is set to Auto.
If you have a network where the externally accessible IP addresses (ARIN networks that are not in
any WAN subnets) can send their traffic on any WAN link, you can create rules so that traffic