Loadbalancing FTP servers

Unanswered Question

Hello all,

I've been given the task of setting up new rules for load balancing FTP servers. These servers will be available internally as well as externally to our network. We do a great deal of business critical FTP transfers among our customers. So the plan is to place multiple (at least two for now) FTP servers with a backend shared storage resource. I've configured a simple L3 rule to do this:

content FTP_DMZ

protocol tcp

add service FTP_DMZ

advanced-balance sticky-srcip

vip address 192.168.66.23

port 21

active

But the FTP session does not reach the server. I can FTP to the real address of the server through the LB (a 11501 running 8.10.4.01). I cannot to the VIP.

Any help? I have tried the APP FTP-CONTROL, but that does not change the situation.

Thanks in advance for any input.

Jim

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
bob_olson Thu, 01/03/2008 - 07:44

Are you doing Passive transfers? The reason I ask is that I have a TAC case open for a similar problem. As far as I understand the CSS is supposed to intercept/rewrite the data returned to the client in response to the passive command. In my situation, tcpdumps show the real IP of the server coming back to the client which isn't accessible directly. I still don't have a solution from Cisco Tac. If they fix my issue, I'll post here.

-Bob

Actions

This Discussion