On 10/28/05, Robin Mordasiewicz robin@bullseye.tv wrote:
We are using CentOS behind an F5 BigIP load balancer. The Linux box is using bonding and tagged VLANs.
Everything works fine, except that when traffic is forwarded from the BigIP to the Linux box on the VLAN where the web server is running, the Linux box returns the traffic on the wrong VLAN. It returns traffic on the lowest ordered VLAN.
I.e., here is a tcpdump on my load balancer showing traffic being sent on VLAN 911 to the Linux box, but the Linux box returns traffic on VLAN 902. The Linux box is returning traffic on the same VLAN as its configured default gateway. If I change the default gateway to be on VLAN 911 then everything works.
Any ideas?
07:38:15.480141 802.1Q vlan#911 P0 10.90.11.244.http > 10.90.11.1.47970: . ack 9 win 1098 (DF)
07:38:15.691074 802.1Q vlan#911 P0 10.10.0.27.34023 > 10.90.11.244.http: S 2715145345:2715145345(0) win 4380 <mss 1460,nop,wscale 0,nop,nop,timestamp 72820060 0,sackOK,eol> (DF)
07:38:15.691074 802.1Q vlan#902 P0 10.90.11.244.http > 10.10.0.27.34023: S 514059651:514059651(0) ack 2715145346 win 5808 <mss 1464,sackOK,timestamp 51754641 72820060,nop,wscale 2> (DF)
[snip]
If you are talking about the traffic with 10.10.0.27.34023 then it appears to me that you are dealing with a standard routing issue.
I have not done this on Linux, but on other systems, including routers.
Each VLAN is treated as a separate interface, and packets are returned based on routing tables, not the interface they were received on. That is, unless you are using policy-based routing.
--
Leonard Isham, CISSP
Ostendo non ostento.
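
Added example, not part of either message: one way to set up the policy-based routing mentioned in the reply on Linux with iproute2, so that replies sourced from 10.90.11.244 leave on VLAN 911 while the main default route stays on VLAN 902. The interface name bond0.911, the prefix 10.90.11.0/24, the gateway 10.90.11.1 and the table id 911 are assumptions; the thread does not state them.

```shell
#!/bin/sh
# Added example: source-based policy routing on Linux (iproute2).
# Assumptions, none of which are stated in the thread: VLAN interface
# bond0.911, prefix 10.90.11.0/24, gateway 10.90.11.1 on VLAN 911, and
# routing table id 911.

# pbr_rules SRC_IP PREFIX GATEWAY DEVICE TABLE
# Prints the commands only; nothing changes unless the output is run as root.
pbr_rules() {
    if [ "$#" -ne 5 ]; then
        echo "usage: pbr_rules SRC_IP PREFIX GATEWAY DEVICE TABLE" >&2
        return 2
    fi
    src=$1; prefix=$2; gw=$3; dev=$4; table=$5
    case $table in
        ''|*[!0-9]*) echo "table id must be numeric" >&2; return 2 ;;
        0|253|254|255) echo "table id $table is reserved" >&2; return 2 ;;
    esac
    # 1. On-link route for the VLAN's own subnet inside the dedicated table.
    echo "ip route add $prefix dev $dev src $src table $table"
    # 2. Default route for that table, pointing out the same VLAN.
    echo "ip route add default via $gw dev $dev table $table"
    # 3. Rule: packets sourced from the VLAN address consult that table
    #    before the main table, whose default route points at VLAN 902.
    echo "ip rule add from $src/32 table $table"
    # 4. Check: ask the kernel which device a reply to the client would use.
    echo "# verify: ip route get 10.10.0.27 from $src"
}

# Addresses taken from the tcpdump in the thread; the rest are assumptions.
pbr_rules 10.90.11.244 10.90.11.0/24 10.90.11.1 bond0.911 911
```

Piping the output to sh as root applies it; rules and routes added this way do not persist across a reboot.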