Destination NAT Round Robin for Load Balance Traffic for Web Server

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Destination NAT Round Robin for Load Balance Traffic for Web Server

L4 Transporter

I have 3 web servers which have 3 different static ip. 

.11.12.13 I follow below guide try to load balance the traffic for all 3 web servers. 

Configure Destination NAT Using Dynamic IP Addresses (paloaltonetworks.com)

 

I already did those steps but instead of using FQDN, we use 3 IP address (192.168.x.11, .12 and .13). into an address group and put it into the translated packet as Dynamic IP (with session distribution) as round robin
session distribution method. With this done, we still see the traffic translated into only 1 IP address which is 192.168.x.11. 

 

 

1 accepted solution

Accepted Solutions

L2 Linker

The configuration seems to be correct, but the important question still is how do you access those servers? Do you already have random users accessing those servers and all of them are being sent to that one server? Based on those hitcounts, it appears that it is already in production, is that correct? 

View solution in original post

9 REPLIES 9

L2 Linker

Could you please share a screenshot of your configuration? Are you trying to connect to 192.168.x.11 from a different host or at least private window? 

My NAT policy as below

Source Zone: WAN

Dst Zone:WAN

Dst Interface: Any

Source Addr:10.239.x. 3

Dst Addr: 10.250.x.3

Service:tcp_3333

translated packet

Src translation : none

Dst Translation:

Dynamic IP

Translated Address:

(webserver address group) 

192.168.x.11, .12 and .13

 

Translated port:None

Session Distributed method: Round robin

 

 

 

JiaXiang_0-1644474785076.png

 

L4 Transporter

JiaXiang_1-1644478583071.png

 

The translated address is a address group inside have

192.168.x.11

192.168.x.12

192.168.x.13

 

L2 Linker

The configuration seems to be correct, but the important question still is how do you access those servers? Do you already have random users accessing those servers and all of them are being sent to that one server? Based on those hitcounts, it appears that it is already in production, is that correct? 

L4 Transporter

The web server is in production so user just access it from browser but the traffic did not follow the round robin. If it follow round robin will cause asymmetric route ? 

Suddenly the traffic follow the round robin sequence flow. The issue is solve thank you.

Hi

Please, could you share the solve?

Regards

With the same configuration showing above suddenly the firewall is work as load balance.

  • 1 accepted solution
  • 8009 Views
  • 9 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!