Direct server return is usually shortened to DSR. In DSR mode, the load-balancer routes packets to the backends without changing anything in it but the destination MAC address. The backends process the requests and answer directly to the clients without passing through the load balancer. The backends must have the service IP configured on a loopback to be able to accept the requests.

TCP Connection Overview

diagram of tcp connection

As usual, when performing layer 4 load-balancing, the TCP connection is established directly between the client and the backend. Note that the requests pass through the load balancer while the responses do not.

Data Flow

data flow diagram

As explained above, the load-balancer sees only the requests and just changes the destination MAC address of the packets. The backends answer directly to the client using the service IP configured on a loopback interface.

Pros & Cons

Pros

  • very fast load-balancing mode

  • load-balancer network bandwith is not a bottleneck anymore

  • total output bandwith is the sum of each backend bandwith

  • less intrusive than the layer 4 load-balancing NAT mode

Cons

  • the service VIP must be configured on a loopback interface on each backend and must not answer to ARP requests

  • no layer 7 advanced features are available

When to Use This Architecture?

  • where response time matters

  • where no intelligence is required

  • when the output capacity of the load-balancer could be the bottleneck

Subscribe to our blog. Get the latest release updates, tutorials, and deep-dives from HAProxy experts.