1. Home
  2. Nortel Networks
  3. Alteon 180E + WebOS 9.0: can't redirect port 80 to port 81

Alteon 180E + WebOS 9.0: can't redirect port 80 to port 81

Hello,

I have a situation where I want to redirect traffic from port 80 on the vip to port 81 on the 2 reals that are part of the group associated with the vip. I thought this was a as simple as using rport under /c/slb/virt/service. The alteon insists on a filter, so I put one on port 1 that just does an action allow. The alteon doesn't complain about the config since I added the filter, but it doesn't redirect the traffic to port 81 - it just keeps sending vip:80 to reals:80.

What's going on? Is there more to redirecting a port?

Brian

Reply to
bchill
Loading thread data ...

The filter you describe should not effect SLB function at Alteon platform unless there is a mis-configuraiton. Is the port 1 a server or client port ?? Anything else at the filter? You can simply redirect the real port by only using "rport" command. You can check wether the SLB funtion works properly by using "/info/slb/dump" or "info/slb/sess/dump" .This command will help you a lot.

Reply to
Dophi

I think it is just easier if I post the output from /info/slb/dump (below):

Also, I am on Web)S 9.0.43.11. Does it have bugs that might affect this?

Can you email off-line? bchill ^ bch.net

Thanks!

Brian

--------------------------------------------------------------------------------------------------------

Real server state:

50: my-real1 (10.10.10.50), xx:xx:xx:xx:xx:xx, vlan 1, port 1, health 3, up 51: my-real2 (10.10.10.51), xx:xx:xx:xx:xx:xx, vlan 1, port 1, health 3, up

Virtual server state: 11: 10.10.10.11, xx:xx:xx:xx:xx:xx virtual ports: http: rport 81, group 11, my-virt, backup none, pbind clientip real servers: 50: my-real1, backup none, 1 ms, up 51: my-real2, backup none, 0 ms, up https: rport 444, group 11, my-virt, backup none, pbind clientip real servers: 50: my-real1, backup none, 1 ms, up 51: my-real2, backup none, 0 ms, up

Redirect filter state:

100: dport http, rport 81, group 11, health icmp, backup none, slowstart real servers: 50: my-real1, backup none, 1 ms, up 51: my-real2, backup none, 1 ms, up

Port state: 1: 0.0.0.0, client, server filt enabled, filters: 100 2: 0.0.0.0 filt disabled, filters: empty 3: 0.0.0.0, client, server filt disabled, filters: empty 4: 0.0.0.0, client, server filt disabled, filters: empty 5: 0.0.0.0, client, server filt disabled, filters: empty

Reply to
bchill

I think it is just easier if I post the output from /info/slb/dump (below):

Also, I am on WebOS 9.0.43.11. Does it have bugs that might affect this?

Can you email off-line? bchill ^ bch.net

Thanks!

Brian

--------------------------------------------------------------------------------------------------------

Real server state:

50: my-real1 (10.10.10.50), xx:xx:xx:xx:xx:xx, vlan 1, port 1, health 3, up 51: my-real2 (10.10.10.51), xx:xx:xx:xx:xx:xx, vlan 1, port 1, health 3, up

Virtual server state: 11: 10.10.10.11, xx:xx:xx:xx:xx:xx virtual ports: http: rport 81, group 11, my-virt, backup none, pbind clientip real servers: 50: my-real1, backup none, 1 ms, up 51: my-real2, backup none, 0 ms, up https: rport 444, group 11, my-virt, backup none, pbind clientip real servers: 50: my-real1, backup none, 1 ms, up 51: my-real2, backup none, 0 ms, up

Redirect filter state:

100: dport http, rport 81, group 11, health icmp, backup none, slowstart real servers: 50: my-real1, backup none, 1 ms, up 51: my-real2, backup none, 1 ms, up

Port state: 1: 0.0.0.0, client, server filt enabled, filters: 100 2: 0.0.0.0 filt disabled, filters: empty 3: 0.0.0.0, client, server filt disabled, filters: empty 4: 0.0.0.0, client, server filt disabled, filters: empty 5: 0.0.0.0, client, server filt disabled, filters: empty

Reply to
bchill

As I know, the redirtion of WebOS 9.0.43.11 is good. From the dump, your real server works well and port 1 is server port. There is a concept of filter; A filter can be only triggered while the session or packet is not responed to SLB. In other words, your filter is not necessary for redirection. You can remove it.

Reply to
Dophi

BTW, the "rport" command at the filter is not used for SLB. It's is used for Application Redirection, i.e. Proxy Server

Reply to
Dophi

The problem is that the configuration posted is not working - traffic still hits the host on port 80.

Any suggestions?

Brian

Reply to
bchill

Brian

My suggestion is removing the filter.

I guess there are two situation you might have.

  1. The server connects to port 1: filter will not be triggered because package is redirected by SLB function.
  2. The client connects to port 1: filte will be triggered and hit port
80 of your server.

As I mentioned previous, there are 2 "rport" commands at different level of command menu.

  1. /cfg/slb/virt 11/service 80/rport : Defines the real server TCP or UDP port assigned to this service. By default, this is the same as the virtual port (service virtual port). If rport is configured to be different than the virtual port defined in /cfg/slb/virt /service , the switch will map the virtual port to this real port.

  1. /cfg/slb/filt 100/rport :This option applies only when redir is specified at the filter action. This defines the real server TCP or UDP port to which redirected traffic will be sent.

So, I said the filter is not necessary.

I hope this can hlep you solve the issue. : )

BTW, I am out of U.S so I can't reply to you during your business time. Sorry about that.

Reply to
Dophi

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.