Multiple Default Gateways

matmat Member
Hi all,

Is it possible to create different default gateways for different virtual interfaces?

For example:

I have three virtual interfaces, all in different subnets. Can I now assign each interface its own gateway?

Currently, I only see the option to use several static routes or a default route for all interfaces.


Regards,

Mat

Comments

  • diederikdiederik Member
    edited September 2014
    What is it you are trying to achieve?

    In case you have multiple VIPs and the return traffic does need to go through different gateways, you can simply use the feature which sends traffic back to the MAC it received it from and bypasses the routing table.

    "Use received hop for response"

    If the traffic needs to go through different gateways based on the real server the traffic is coming from, this might work; personally, I have not tested this yet.
    "Using IP Pool Default Gateways To Forward Traffic from Real Servers"

    As the virtual interfaces share the same partition/routing table, you cannot assign them different default gateways.
    Using very specific static routes might work.

    Greetings,

    Diederik
  • diederikdiederik Member
    edited September 2014
    If you check the CLI Reference, there is a much better explanation on the "Using IP Pool Default Gateways..." feature:

    - For forward traffic (traffic from a client to a server), the NAT gateway is used if the source NAT address (the address from the pool) and the server address are not in the same IP subnet.

    - On reverse traffic (reply traffic from a server to a client), the NAT gateway is used if all the following conditions are true:
    • The session is using translated addresses (is source NATted).
    • The source protocol port is in the source NAT subnet.
    • The destination is not in the source NAT subnet.

    Does this feature maybe work for what you need?
  • matmat Member
    edited September 2014
    Hi Diederik,

    Sorry for the late reply.

    Currently, we have the following setup:

    The LB is connected using a trunk to our network and terminates on a customer firewall.
    Now, the customer wants traffic for VLAN A to use the virtual port for VLAN A on the FW, traffic for VLAN B to use the virtual interface for VLAN B, and so on.

    "Use received hop for response" is in use, but traffic which lies outside of the network is being sent to the default gateway. And this is where the customer starts complaining.

    I will take a look at "Using IP Pool Default Gateways…".


    Regards,

    Mat
  • diederikdiederik Member
    edited September 2014
    How can the ADC know it is traffic that needs to go to a specific VLAN?
    Is that based on IP addressing? And what type of traffic is it?
    From VIP to Real or from VIP to Client?

    If it is VIP to client then “Use received hop for response” should do the trick already.
    Even when the traffic lies outside of the network. Unless it did come in through the wrong gateway to begin with.

    Looking forward to hearing if either one of the other options based on using the IP Pool's gateway worked.
  • matmat Member
    edited September 2014
    Hi Diederik,

    Yes, “Use received hop for response” works just fine.
    It turned out that the customer had some misconfigured routing in their firewall, which prevented the traffic from using the right path.

    So I didn't try the Pool gateways.

    Nonetheless, I thank you very much for your help!