ShlomiA
Explorer

loop between ClusterXL Virtual IP & Static Route

Hi,

I will try to explain my issue as best I can.

So, I have a ClusterXL with 2 gateways.

The cluster is configured with 212.xx.xx.163/29 IP pool.

Network topology example:

Cluster Virtual IP: 212.xx.xx.164

CPFW01 IP: 212.xx.xx.165

CPFW02 IP: 212.xx.xx.166

So far, it's working well.

Now, I have a secondary IP pool on a different subnet: 212.xx.yy.96/27

My ISP is routing the entire pool to my cluster virtual IP. That way I can use my secondary IP pool by doing NAT policy on my cluster.

It works, but for some reason, when I perform tracert to any of my secondary pool IP addresses, I see a loop between my cluster virtual IP & my gateway static route:

-- .164 is my cluster virtual IP and .163 is my gateway static route.

So the only thing I could think of that is causing that loop is that the secondary IP pool is not actually configured anywhere on my interfaces or my gateways. It's only configured as NAT policies. So whenever I try to 'connect' to IP addresses of my secondary IP pool, my gateway doesn't know these IPs, so it sends me to the static route...?

I would love to hear some tips on how to solve this issue.

Thank you 🙂

2 Replies
PhoneBoy
Admin

Do you have an Access + NAT policy that permits traceroute access to the relevant IP address and translates to the relevant private IP?
Are the NAT rules manual or automatic (configured on the relevant object) and how is it configured?

A static route for the relevant public subnet to the internal subnet may be necessary here, but it shouldn't be.

ShlomiA
Explorer

Found a solution by setting a loopback on each gateway in the cluster for the secondary pools.

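
A simplified model of the loop described in the first post and of the loopback fix from the last one, as an added example that is not part of the thread. The addresses are constructed RFC 5737 stand-ins for the masked ones, and the two-device longest-prefix-match model is an assumption, not Check Point's actual forwarding or NAT logic.

```python
import ipaddress

# Constructed RFC 5737 stand-ins for the masked addresses in the thread.
ISP_ROUTER = "203.0.113.163"      # plays the ".163" static-route next hop
CLUSTER_VIP = "203.0.113.164"     # plays the ".164" cluster virtual IP
SECONDARY_POOL = "198.51.100.96/27"
TARGET = "198.51.100.100"         # an address inside the secondary pool


def build_tables(loopback=None):
    """Return per-device route tables as lists of (prefix, next_hop)."""
    gateway = [("203.0.113.160/29", "connected"), ("0.0.0.0/0", ISP_ROUTER)]
    if loopback:
        # Assumed effect of the fix: the address becomes local to the gateway.
        gateway.append((loopback + "/32", "local"))
    isp = [("203.0.113.160/29", "connected"), (SECONDARY_POOL, CLUSTER_VIP)]
    return {CLUSTER_VIP: gateway, ISP_ROUTER: isp}


def lookup(table, dst):
    """Longest-prefix match; returns the next hop or None."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), nh) for p, nh in table
               if addr in ipaddress.ip_network(p)]
    return max(matches, key=lambda m: m[0].prefixlen)[1] if matches else None


def trace(dst, tables, first_hop=ISP_ROUTER, max_ttl=8):
    """Simulate traceroute: (devices that answered, verdict)."""
    hops, device = [], first_hop
    for _ in range(max_ttl):
        hops.append(device)
        nh = lookup(tables[device], dst)
        if nh == "local":
            return hops, "delivered"
        if nh not in tables:          # no route, or it leaves this model
            return hops, "left model"
        device = nh
    return hops, "loop"


if __name__ == "__main__":
    print(trace(TARGET, build_tables()))                  # ping-pong until TTL
    print(trace(TARGET, build_tables(loopback=TARGET)))   # stops at the gateway
```

In this model a /32 loopback only terminates traces to the address it covers; other pool addresses still follow the default route back to the ISP.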