Load-balancing ICMP traffic over Server pool
(1 votes, average: 4.00 out of 5)
Loading ...Sometimes there is a necessity to load-balance not only TCP/UDP sessions over a server pool but also redirect ICMP echo requests to the servers themselves. This is needed for troubleshooting purposes, or for probing real servers through a VIP (virtual IP) with a monitoring tool.
I observed the following default firewall behavior: it proxies all incoming ICMP packets and responds to them on behalf of itself, instead of forwarding them to the real servers in the pool, so playing with the server monitoring agent settings and “excluding” the servers from the pool does not affect the observed results at all.
To force the firewall to “move on” ICMP packets I unchecked the “proxy ARP entry generation” in the “External addresses” section properties. After that the firewall did his job correctly (as I expected at least 
)
Recent Comments