Response from internal machine after forwarding
I'm trying to implement a "Direct Server Response" approach for a Load Balancer I have. It is setup as follows:
Client 'A' queries Load Balancer 'B' with public IP 220.127.116.11 on port 1111 (port forwarded on the pfsense GUI). This works.
Load Balancer 'B' forwards the packet transparently (keeps client source IP and source port) to Backend C. This works.
Backend 'C' intercepts the packet and responds to client 'A'. Packet is sent (tcpdump I can see it) but never arrives to client (can't see it in Wireshark).
If I reply directly from Load Balancer 'B', where I have the port forward rule, then it works, but I don't want that.
What I'm missing?