In a one-armed topology all of the real servers and VIP addresses are configured on a single network, usually the WAN network, or (less commonly) the LAN network.
When you create services in this topology, consider the following:
- Layer 4 TCP or UDP services: You must configure the real servers in Direct Server Return mode. See Direct Server Return deployment.
- TCP Proxy, UDP Proxy, or any of the Layer 7 service types: You can add the Barracuda Load Balancer ADC into an existing infrastructure with minimal changes to the network. This does not require changes to the IP addresses of the real servers. The Barracuda Load Balancer ADC can be added to the same subnetwork as the real servers. Alternatively, the Barracuda Load Balancer ADC can connect to the real servers through a router.
- WAN refers to interface(s) configured to access an external network.
- LAN refers to interface(s) configured to access an internal network.
- If the server is in the same network as the custom virtual interface, the custom virtual interface is used to connect to the real server using the interface route/static route or the default gateway, in that order.
- If the server, the custom virtual interface, and the WAN IP address are all in the same network, you cannot use the custom virtual interface to connect to the real server, so the WAN IP address is always used to connect to the real server.
- The virtual interface for the service can be in any network.
Figure 1 shows a WAN deployment using a one-armed topology and TCP Proxy, UDP Proxy, or Layer 7 services. The gateway IP address of the real servers need not change when adding the Barracuda Load Balancer ADC to the network. All of the virtual IP addresses and the IP addresses for the real servers are connected to the WAN.
If required, an externally accessible IP address can be kept on a real server so that external clients can still access that address (for example, for FTP) only on that one system.
Because configuration changes are not required, traffic is only passed through the Barracuda Load Balancer ADC if it must be load balanced.
Figure 1. One-armed using TCP Proxy, UDP Proxy, or a Layer 7 service.
Figure 2 shows an example of a one-armed deployment using TCP Proxy services. For this example, the Barracuda Load Balancer ADC distributes traffic for a set of email servers also supported by a set of Barracuda Email Security Gateways.
Figure 2. One-armed TCP Proxy service with Barracuda Email Security Gateways.