[CentOS] VLAN tagging problems

Les Mikesell lesmikesell at gmail.com
Fri Oct 28 15:06:57 UTC 2005


On Fri, 2005-10-28 at 09:48, Robin Mordasiewicz wrote:
> We are using CentOS behind an F5 Bigip load balancer.
> The linux box is using bonding and tagged VLANs
> 
> Everything works fine except that when traffic is forwarded from the BigIP 
> to the linux box on the VLAN where the web server is running the linux box 
> returns the traffic on the wrong VLAN. It returns traffic on the lowest 
> ordered VLAN.
> 
> ie. here is a tcpdump on my load balancer showing traffic being sent on 
> VLAN 911 to the linux box, but the linux box returns traffic on VLAN 902.
> The linux box is returning traffic on the same VLAN as its configured 
> default gateway. If I change the default gateway to be on the VLAN 911 
> then everything works.

It seems reasonable to require a route to the destination on the
VLAN used.  Why should it ever do otherwise?  What are you trying
to accomplish by using a VLAN interface with no route back?

The solution should be just the same as it would be with real interfaces
which is to have the BigIP source-NAT the inbound requests into an
address on that VLAN, but you won't like that because your web logs
won't show the real client addresses.   Basically the Linux box needs
some reason to send the reply packet back to the BigIP either on your
chosen VLAN or a physical interface.  That can either be because it
appears to have come from there (SNAT), or because it is the default
gateway.

-- 
  Les Mikesell
    lesmikesell at gmail.com
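
The routing decision described in the reply above, as an added example that is not part of the original post: the reply's egress VLAN is chosen by a longest-prefix match on the reply's destination only, so it follows the default gateway unless the request's source (after SNAT) is on the VLAN it arrived on. The interface names `bond0.902`/`bond0.911` and every address are constructed assumptions, not values from the thread.

```python
import ipaddress

# Constructed routing table for the Linux box (addresses and interface names
# are assumptions): one connected route per tagged VLAN plus a default route
# whose gateway sits on VLAN 902, as in the reported setup.
ROUTES = [
    ("10.9.2.0/24", "bond0.902"),   # connected subnet on VLAN 902
    ("10.9.11.0/24", "bond0.911"),  # connected subnet on VLAN 911 (web server)
    ("0.0.0.0/0", "bond0.902"),     # default gateway reachable on VLAN 902
]
# Same table with the default gateway moved to VLAN 911.
ROUTES_GW_911 = ROUTES[:2] + [("0.0.0.0/0", "bond0.911")]

CLIENT = "203.0.113.50"    # constructed Internet client address
BIGIP_SNAT = "10.9.11.5"   # constructed SNAT address owned by the BigIP on VLAN 911


def egress_interface(dst, routes):
    """Longest-prefix match on the destination address; ingress VLAN is ignored."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, dev in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, dev)
    if best is None:
        raise LookupError(f"no route to {dst}")
    return best[1]


def reply_interface(source_seen_by_server, routes=ROUTES):
    """A reply is addressed to whatever source address the server saw."""
    return egress_interface(source_seen_by_server, routes)


if __name__ == "__main__":
    # Request arrives on VLAN 911 with the real client address: reply leaves on 902.
    print("no SNAT, gw on 902:", reply_interface(CLIENT))
    # BigIP source-NATs into VLAN 911: the connected route wins, reply leaves on 911.
    print("SNAT,    gw on 902:", reply_interface(BIGIP_SNAT))
    # Default gateway moved to VLAN 911: reply to the real client leaves on 911.
    print("no SNAT, gw on 911:", reply_interface(CLIENT, ROUTES_GW_911))
```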




