Basic ACE Design Question

Unanswered Question
Dec 11th, 2007

Hi All,

In the network layout below, does the ACE need to be setup in a routed mode to work? can it be also be setup in a bridged mode in this scenario?

Network Cloud <--> Firewall <--> ACE <--> Router <--> Server Farm.

Any refences would also be greatly appreciated.

Thanks in advance.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Gilles Dufour Thu, 12/13/2007 - 09:11

you can always chose between routed or bridged mode. This is also true for your case.


nyr.hakeem-habeeb Thu, 12/27/2007 - 03:14

Hi Giles,

Thank you for your response.

I was under the impression that if redirection is being done at layer-2 (aka bridged mode) then server's need to be layer-2 adjacent with the Load-Balancer. Is this not applicable to the ACE?

I would greatly appreciate more clarity on this.

Thank you in advance.


Gilles Dufour Sat, 12/29/2007 - 06:32

you only need the server adjacent if you do transparent loadbalancing. Which means you do not nat the virtual ip to the server ip.

Instead the servers are configured with a loopback ip address the same as the vip on the loadbalancer.

You can always bridge between 2 vlans and this is possible in your case.

However, I don't see the need to insert a router between the ace module and the servers.

Can't you have the ace module inserted between the router and the servers ?

Or get it rid of the router and have the servers directly connected to the ACE vlan and using the firewall as gateway ?



This Discussion