User guide
- 114 -
and secondary units. In NAT mode, the Router (Internet) LAN and Server LAN interfaces are
deactivated when the unit is in standby to eliminate duplicate IP address issues and to allow
you to conserve available IP addresses.
In the original network configuration you had to specify a “server LAN gateway IP” to be
used as the servers’ default gateway IP address. The “server LAN gateway IP” is a floating IP
address that is available only on the active WebMux in a WebMux pair. When creating
additional network configurations on the server side, you do not have the option to create a
“server LAN gateway IP” like the original network configuration. In this case, you will need
to configure your additional server networks using the same IP addresses on the secondary as
with the primary. The IP address you create for you additional server network will be used as
the server’s default gateway IP. Since only the active WebMux will have this IP enabled on
its interface, you will not have a duplicate IP address between both units. If one unit goes out
of service, the IP address becomes available on the other unit and the servers can continue to
communicate to the external network uninterrupted.
Transparent Mode VLAN:
In Transparent mode, it is recommended that you assign a different VLAN ID for the
physical front and back interfaces with the -r (—router_vid) and -s (—server_vid) flags. For
example:
nwconfig -A tm_vlan -i 192.168.14.21 -g 192.168.14.1 -r 200 -s 300
If you use the -v flag, both the physical front and back interfaces will have the same VLAN
ID. It is not recommended that you use the same VLAN ID for the front and back interfaces
in Transparent mode.
Out of Path Mode VLAN and Server LAN Gateway:
When creating an additional network in Out-of-Path Mode, it is important that your farm IPs
are different from the main IP address you create with the “nwconfig” tool. This is important
because the main IP address you create will be the IP address the WebMux’s health checks
will appear to come from. You will have problems with Windows servers if you use a farm IP
that is the same as the main IP. This is because Windows utilizes the MS Loopback Adapter
with the farm IP. When the WebMux send its health check request coming from the main IP,
the Windows machine will see that the IP address is on its Loopback Adapter and will not
send back a reply since it believes it is coming from itself. The WebMux will mark the server
dead since it will not receive a reply. To ensure that this will not occur, do not use a farm IP
that is the same as the main IP in Out-of-Path Mode.
It is important to remember that when you are doing SSL termination or Layer 7 load
balancing that you must point your servers’ default gw back to the WebMux. In the original
network configuration, you had an option to create a “server LAN gateway IP.” The servers
used this IP address as their default gateway IP. This IP is a floating IP that transfers between
WebMuxes in a failover configuration. Only the active WebMux will have that IP address
available on its network interface to avoid duplicate IP address issues. Additional network
configurations do not have the option to create a “server LAN gateway IP” like the original
network configuration. In this case, you will need to use the FARM IP as your servers’
default gateway IP address. Since the FARM IPs are only available on the active WebMux
they will effectively serve as the floating server LAN gateway IP.