What should be done when you have a requirement to place back-end servers in another subnet.
Well recue is Tunneling!!!
Tunneling in required when you want uLB machine and back-end servers to be in different network.
This is equivalent to NAT/NATP forwaring method in Legacy Websphere Load Balancer.
Types of tunneling supported:
uLB support two types of tunneling.
1) IPIP ( IP in IP )
2) GRE ( Generic Routing Encapsulation )
Supported on AIX,Linux,HP-UX,Solaris but Windows.
You can follow configuration steps for tunneling under section "Use encapsulation forwarding to forward traffic across network
segments" in uLB admin guide
One of the most important thing to remember while configuration of uLB with tunneling is to disable reverse path filtering on back-end servers (ONLY).
Reverse path filter was introduced to support Strong Send and Receive. Which now most of the OSes have
as default setting. In Strong Send and Receive OS transmits outgoing packet only from the same interface from which
it has received it. In tunneling packets are received on tunnel interface but they go out from different
interface. Hence if RPF is enabled on back-end servers response will not be delivered to clients.
uLB logs,reports will be normal because it had handled the packet correctly.
Hence RPF disabling is the key to make uLB work with tunneling.
Disclaimer: ""The postings on this site are my own and don't necessarily represent IBM's positions, strategies or opinions.""