Server configuration for layer 4 DSR mode


Server side configuration to be compatible with an ALOHA Load-Balancer configured in Layer 4 DSR mode.

DSR (stands for Direct Server Return) is also known as gateway mode.




v4.2 and later

ALOHA load balancer
Server configuration with an ALOHA in Direct Server Return mode (DSR)

Reminder about Gateway or DSR mode

In layer 4 gateway mode, the ALOHA Load-Balancer sees only the traffic going from the client to the server. The servers answer directly to the client through its default gateway.

As shown in the diagram above:

  • the client reaches the Virtual IP which is configured on the Load-Balancer
  • The ALOHA Load-Balancer chooses a server based on its configuration, then change the destination MAC address of the frame before forwarding it to the server
  • The server gets the packets corresponding to the request
  • When the server answers back to the client, it does it directly, bypassing the ALOHA Load-Balancer
In order to work in such way, the server must hosts the Virtual IP too, but should not answer to ARP requests with it.

And this is where you need the current document to know how to configure your servers properly.

Linux configuration

Alias creation on the loopback interface

Create a loopback interface (ie lo:1) with the Virtual IP address and a netmask value setup to (/32).

Don’t forget to make it resilient at start up. This configuration depends on the Linux distribution you’re using.

System parameters

Setup the two sysctls below:

  • arp_ignore must be set to 1
  • arp_announce must be set to 2

To apply the changes directly, run the commands below:

sysctl -w net.ipv4.conf.all.arp_ignore=1
sysctl -w net.ipv4.conf.all.arp_announce=2

In order to makes these changes resilient after reboot, edit your /etc/sysctls.conf file then add the two lines below:

To get more information about these sysctls settings, read the chapter “Further reading” at the end of this document.