Hi to all, is it possible to configure IOS SLB (on 7200 or 6500 platform) to be able to balance server inside a configured vrf ?
anyone already tested it ?
yes you cross-connect two ports on the same chassis in different vrfs. This is to ensure that traffic between the servers and clients hits the IOS slb.
In the attached sample ports gig9/10 + gig9/11 are xconnected. Note that you have to manually override the ports MACs, since they are all identical by default. There is an OSPF process configured for the front door and back door vrf to announce reachability of the vserver IP (redundant setup).
the IOS SLB code on the C6k platform is not VRF aware at the moment (can only speak of c6k - never tried c7200). It is 'interface-aware' - which means that you can run IOS SLB on a VRF-lite box where the client and real-server facing interfaces are both in the same VRF.
However IOS SLB currently does not support incoming packets with MPLS labels since the corresponding TCAM filter only matches on pure IP packets - so no support on PE boxes :-(
To make it work on a PE we did some nasty workaround:
Loop back a port on the c6k PE and configure the both ends with different VRFs. Route between them and you have a VRF-lite box 'behind' a PE in the same chassis. Not too straight forward though but works as an interim solution ;-)