|Skip Navigation Links|
|Exit Print View|
|System Administration Guide: IP Services Oracle Solaris 11 Express 11/10|
This section describes the implementation of ILB with DSR, half-NAT, and full-NAT topologies.
The following figure shows the implementation of ILB using the DSR topology.
ILB operates in both the half-NAT and full-NAT modes. The general implementation of the NAT topology is as shown in the following figure.
In the half-NAT mode of ILB operation, ILB rewrites only the destination IP address in the header of the packets. If you are using the half-NAT implementation, you cannot connect to a virtual IP (VIP) address of the service from the same subnet on which the server resides.
Table 27-1 Request Flow and Response Flow for the Half-NAT Implementation
If you connect the client PC to the same network as that of the servers, the intended server responds directly to the client. The fourth step does not occur and hence the source IP address for the server response to the client is invalid. When the client sends a connection request to the load balancer, the response occurs from the intended server. Henceforth, the client's IP stack correctly drops all the responses.
In that case, the request flow and response flow proceed as shown in the following table.
Table 27-2 Request Flow and Response Flow for the Half-NAT Implementation
In the full NAT implementation, the source and destination IP addresses are rewritten to ensure that the traffic goes through the load balancer in both directions. The full NAT topology makes it possible to connect to the VIP from the same subnet that the servers are on. The following table depicts the full-NAT topology for ILB. There is no default route required through the servers. The default route through the load balancer is the router address on subnet C. In this scenario, the load balancer behaves as a proxy.
Table 27-3 Request Flow and Response Flow for the Full-NAT Implementation