cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
619
Views
0
Helpful
5
Replies

Loadbalancing FTP servers

jphilope
Level 3
Level 3

Hello all,

I've been given the task of setting up new rules for load balancing FTP servers. These servers will be available internally as well as externally to our network. We do a great deal of business critical FTP transfers among our customers. So the plan is to place multiple (at least two for now) FTP servers with a backend shared storage resource. I've configured a simple L3 rule to do this:

content FTP_DMZ

protocol tcp

add service FTP_DMZ

advanced-balance sticky-srcip

vip address 192.168.66.23

port 21

active

But the FTP session does not reach the server. I can FTP to the real address of the server through the LB (a 11501 running 8.10.4.01). I cannot to the VIP.

Any help? I have tried the APP FTP-CONTROL, but that does not change the situation.

Thanks in advance for any input.

Jim

5 Replies 5

You are missing two things

1. you need to define a group

2. application ftp-control command under content rule.

More details at

http://www.cisco.com/en/US/products/hw/contnetw/ps789/products_configuration_example09186a0080094967.shtml

HTH

Syed Iftekhar Ahmed

Syed,

I am not new to Loadbalancers. I do have my services and group defined. And as I stated, I have tried the APP FTP-CONTROL and it had no affect. Along with enabling APPLICATION globally.

Thanks for the reply.

Jim

Are you doing Passive transfers? The reason I ask is that I have a TAC case open for a similar problem. As far as I understand the CSS is supposed to intercept/rewrite the data returned to the client in response to the passive command. In my situation, tcpdumps show the real IP of the server coming back to the client which isn't accessible directly. I still don't have a solution from Cisco Tac. If they fix my issue, I'll post here.

-Bob

Bob,

Thanks, yes they are passive mode. Anything you find out will be appreciated.

Jim

Bob & Jim,

I ran across this Technote and thought it could be of some assistance http://www.cisco.com/en/US/partner/products/hw/contnetw/ps789/products_tech_note09186a0080093de6.shtml

- Chris

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: