Connecting to VIP on ACE not working.

Unanswered Question
Apr 23rd, 2008
User Badges:

Hello All,I am having trouble connecting to the VIP I created on the ACE module running on the 6509 chassis.

The connection to the VIP seems to be working as it passes traffic on to the LB server but the return traffic is not getting back.

The architecture of the environment is the following:

MSFC -> FWSM (routed mode) -> ACE (bridged mode)

I have defined the L2 VLAN's on the MSFC, L3 VLAN's are on the FWSM, and set up the ACE in bridged mode with bvi's tying the client access and server access VLAN's.

I can directly connect to the LB servers by using their real IP addresses. But telneting to the VIP does not work.

I am using Windows RDP as the protocol to test, since these servers are windows based.

Would appreciate some assistance in getting this problem resolved.

Thank you.


Below is the stats from the connections and the service-policy statistics and I am attaching the configs of the ACE:


adr-msfc-ace/dmz# sh service-policy EPAY_STAGE_MAP | b TEST

class: TEST-VIP


L7 loadbalance policy: TEST-POLICY

VIP Route Metric : 77

VIP Route Advertise : DISABLED



curr conns : 1 , hit count : 1

dropped conns : 0

client pkt count : 0 , client byte count: 0

server pkt count : 0 , server byte count: 0

adr-msfc-ace/dmz# sh conn detail

total current connections : 2

conn-id np dir proto vlan source destination state


9 1 in TCP 200 ESTAB

[ idle time : 00:22:31, byte count : 192 ]

[ elapsed time: 00:22:40, packet count: 3 ]

10 1 out TCP 300 ESTAB

[ conn in reuse pool : FALSE]

[ idle time : 00:22:29, byte count : 144 ]

[ elapsed time: 00:22:40, packet count: 3 ]

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
dtochilovsky Wed, 04/23/2008 - 11:58
User Badges:

I got to resolve the problem with the help of a TAC case engineer. He said to use the "mac-sticky enable" command on the ingress L2 VLAN interface of the ACE module, that will force the traffic out of the ACE using that interface.

Once that command was in lace I was able to connect to the VIP.

Hope this helps someone who is seeing hte same problem.


This Discussion