In DTGW VPC with TEP mode or VPC with CTGW, if SNAT automap is configured in LB pool, LB pool members must be in the same VPC in which LB service is.

Article ID: 425487

Updated On:

Products

VMware NSX

Issue/Introduction

All of the following symptoms must be present:

  • A DTGW VPC with TEP mode or a VPC with CTGW is in use.
  • SNAT automap is configured in the LB pool.
  • The IP address of the pool member is not in the subnets of the VPC where the LB service is.
  • The connection between the LB and the pool member cannot be established.

Environment

VMware NSX 9.0

Cause

The LB automap SNAT IP is a private IP. If the pool member is not in the same VPC as the LB service, traffic from the LB to the pool member, sourced from the SNAT IP, can still be routed to the pool member server. However, because this private IP is not reachable from other VPCs, the reverse traffic from the pool member server to the LB cannot be routed back to this VPC.

Resolution

Update the LB pool to remove the pool members that are not in this VPC.
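One way to find the pool members to remove is to compare each member IP against the VPC's subnets. The script below is an added example, not VMware code: the dictionary field names (`name`, `snat`, `members`) and all addresses are constructed for illustration and do not reflect the NSX API schema.

```python
import ipaddress

# Constructed sample data (hypothetical field names, not the NSX API schema).
VPC_SUBNETS = ["10.10.1.0/24", "10.10.2.0/24"]
POOLS = [
    {"name": "web-pool", "snat": "automap",
     "members": ["10.10.1.11", "10.10.2.12", "172.16.5.20"]},
    {"name": "db-pool", "snat": "automap",
     "members": ["10.10.2.30"]},
    {"name": "ext-pool", "snat": "disabled",
     "members": ["192.168.50.5"]},
]


def members_outside_vpc(pools, vpc_subnets):
    """Return {pool name: [member IPs outside every VPC subnet]}.

    Only pools with SNAT automap are checked, since that is the
    configuration the article describes. Unparseable member addresses
    are reported too, so they get reviewed rather than silently skipped.
    """
    nets = [ipaddress.ip_network(s, strict=True) for s in vpc_subnets]
    findings = {}
    for pool in pools:
        if pool.get("snat") != "automap":
            continue
        bad = []
        for member in pool.get("members", []):
            try:
                addr = ipaddress.ip_address(member)
            except ValueError:
                bad.append(member)
                continue
            # Compare only against subnets of the same IP version.
            if not any(addr.version == n.version and addr in n for n in nets):
                bad.append(member)
        if bad:
            findings[pool["name"]] = bad
    return findings


if __name__ == "__main__":
    for name, ips in members_outside_vpc(POOLS, VPC_SUBNETS).items():
        print(f"{name}: members outside this VPC: {', '.join(ips)}")
```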