We have a server that (server1) needs to access the NFS App server.
It appears that the client (server1) starts communicating with the virtual IP on the NFS App server, but for some reason, the App server is changing to its interface IP during the conversation for some of the UDP connections. The firewall will not allow this as it thinks that the connection has been hijacked by a different servers.
Here's an example:
10.2.163.73 server1 TCP: D=32943 S=2049 ACK=216583930 WIN=49232
68 10.2.163.73 server1 TCP: D=32943 S=2049 FIN ACK=216583930 SEQ=1663147899 LEN=0 WIN=49232
69 server1 10.2.163.73 TCP: D=2049 S=32943 ACK=1663147900 WIN=66608
70 server1 10.2.163.73 PMAP: C Get port PROG=100003(NFS), VERS=3, IP=17
71 10.2.163.77 server1 PMAP: R PORT=2049 (Reply to 70) >.>>> responded from .77 instead of .73
72 server1 10.2.163.73 RPC: C XID=1270833149 PROG=NFS VERS=3 PROC=0(Do nothing)
73 10.2.163.77 server1 RPC: R XID=1270833149
74 server1 10.2.163.73 PMAP: C Get port PROG=100005(Mount), VERS=1, IP=6
server1= server needs to communicate with the app server.
app server has a virtual IP of 10.2.163.73 & physical IP of 10.2.163.77.
Both servers are running solaris 10.
When server1 tries to talk to 10.2.163.73 (virtual) but the respond came back from 10.2.163.77 (physical). Firewall doesn''t allow the communication.
Is there a way to make the app server respond from the Virtual Ip, instead of the physical IP.