cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
712
Views
14
Helpful
8
Replies

ACE Redundancy

danger_mousie
Level 1
Level 1

It seems ft groups are the ACE redundancy feature. FT groups are associated with contexts. In turn contexts are associated with slb groups. Does this mean, one must group slb groups into contexts according to failover behavior?

In other words, how do I relate contexts, ft groups and slb groups? I need some to be Active-Active and some Active-Standby.

1 Accepted Solution

Accepted Solutions

yes you need ot buy a license if you want more than 5 contexts.

The client should target the vip - vserver address unless this address is not part of a vlan. In this case a static route on the gateway for the vip should be configured and you point the next-hop to be the interface alias address.

The FT addresses are only being used by ACE itself.

Gilles.

View solution in original post

8 Replies 8

Gilles Dufour
Cisco Employee
Cisco Employee

I think your understanding is correct.

Each context can be active or standby.

All VIP inside a context will have the status of the context.

The difficulty can exist if you want the use the same servers in different contexts, you'll need to pay attention to the returning traffic so that it goes to the right context.

Client nat might be required.

It seems to me that this will bring additional complexity and I do not see the benefit of an active-active config.

The ACE is powerful enough to handle everything on one box with the other one standby.

Unless you really have heavy SSL traffic.

Gilles.

Thanks Gilles,

Does this not defeat what I understand to be the purpose of contexts, to provide virtual machines for the different business interests to log into?

Am I to understand also then that the entire context will failover, all the slb groups in it, if the ft heartbeat test does not pass? What about the health probes for slb groups, they are purely to determine if a server is elligible for traffic or not, and cannot assist in failing over a group if necessary?

The Active-Active is at the customer's request. They would like read requests to go to all servers, in both locations, and write requests to go to only one (Active-Standby).

all I'm saying is if you want to use the same servers in different contexts, this gets complicated and I don't think the active-active setup justify this complexity.

Normally, all contexts should be independent - so servers would only exist in one context.

Gilles.

I agree, one context per server group will make things a lot easier. I need another license to have more than 5 correct?

I'm still confused about which virtual IP address the client will target to reach the Active SLB group in a pair of contexts, the Alias of the ft group?

yes you need ot buy a license if you want more than 5 contexts.

The client should target the vip - vserver address unless this address is not part of a vlan. In this case a static route on the gateway for the vip should be configured and you point the next-hop to be the interface alias address.

The FT addresses are only being used by ACE itself.

Gilles.

Wait a sec, Roble says: "Client always hits the VIP of the ACE. Normal IP traffic always Hits the ALIAS, same concept as HSRP."

1. So, if client "hits VIP of ACE", then ACE = vserver. How do you config this ACE VIP? Alias under vlan? same vlan and alias on both ACEs? Is the def gw on the real servers this same VIP?

2. What's the difference between client and normal traffic? If the VIP of the ACE is not the VLAN alias, what is the ACE VIP config!?

here is how you define a vip:

class-map match-all VIP-122-80-2

2 match virtual-address 192.168.20.122 tcp eq www

The alias is to be used for example by real servers as their defaut gateway. When they need to respond to the client, traffic needs to go through the active ACE, so you use the alias as default gateway.

Gilles.

Hi Gilles, what about this concept, is it feasible?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: