We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Load Balancer ADC

One-Armed Using a TCP Proxy, UDP Proxy, or Layer 7 Service

  • Last updated on

In a one-armed topology all of the real servers and VIP addresses are configured on a single network, usually the WAN network, or (less commonly) the LAN network.

When you create services in this topology, consider the following:

  • Layer 4 TCP or UDP services: You must configure the real servers in Direct Server Return mode. See Direct Server Return deployment.
  • TCP Proxy, UDP Proxy, or any of the Layer 7 service types: You can add the Barracuda Load Balancer ADC into an existing infrastructure with minimal changes to the network. This does not require changes to the IP addresses of the real servers. The Barracuda Load Balancer ADC can be added to the same subnetwork as the real servers. Alternatively, the Barracuda Load Balancer ADC can connect to the real servers through a router. 

Terminology

  • WAN refers to interface(s) configured to access an external network.
  • LAN refers to interface(s) configured to access an internal network.

Virtual Interface

  • If the server is in the same network as the custom virtual interface, the custom virtual interface is used to connect to the real server using the interface route/static route or the default gateway, in that order.
  • If the server, the custom virtual interface, and the WAN IP address are all in the same network, you cannot use the custom virtual interface to connect to the real server, so the WAN IP address is always used to connect to the real server.
  • The virtual interface for the service can be in any network.

Example Deployments

Figure 1 shows a WAN deployment using a one-armed topology and TCP Proxy, UDP Proxy, or Layer 7 services. The gateway IP address of the real servers need not change when adding the Barracuda Load Balancer ADC to the network. All of the virtual IP addresses and the IP addresses for the real servers are connected to the WAN.

If required, an externally accessible IP address can be kept on a real server so that external clients can still access that address (for example, for FTP) only on that one system.

Because configuration changes are not required, traffic is only passed through the Barracuda Load Balancer ADC if it must be load balanced.

Figure 1. One-armed using TCP Proxy, UDP Proxy, or a Layer 7 service.

one_arm_tcpProxy_deployment_new.png

 

Figure 2 shows an example of a one-armed deployment using TCP Proxy services. For this example, the Barracuda Load Balancer ADC distributes traffic for a set of email servers also supported by a set of Barracuda Email Security Gateways.

Figure 2. One-armed TCP Proxy service with Barracuda Email Security Gateways.

one_arm_tcpProxy_service_deployment_new.png

 

Last updated on