Direct Server Return Mode
In DSR mode, ILB balances the incoming requests to the back-end servers but allows the return traffic from the servers to the clients to bypass it. However, if you set up ILB to be used as a router for a back-end server, the response from the back-end server to the client is routed through the system that is running ILB. ILB's current implementation of DSR does not provide TCP connection tracking, making it stateless. With stateless DSR, ILB does not save any state information of the processed packets except for basic statistics. Being stateless, the performance is comparable to the normal IP forwarding performance. The DSR mode is best suited for connectionless protocols.
-
DSR provides better performance than NAT because only the destination MAC address of packets is changed and servers respond directly to clients.
-
There is full transparency between the server and the client. The servers see a connection directly from the client IP address and reply to the client through the default gateway.
-
The back-end server must respond to both its own IP address (for health checks) and the virtual IP address (for load-balanced traffic).
-
Being stateless, adding or removing servers causes connection disruption.
The following figure shows the implementation of ILB in the DSR mode.
Figure 5-1 Direct Server Return Topology
In this figure, both back-end servers are in the same subnet (192.168.1.0/24) as the ILB box. The servers are also connected to the router so that they can reply directly to clients after receiving a request forwarded by the ILB box.