cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
734
Views
0
Helpful
8
Replies

ACE - bridging basics?

w.frye
Level 1
Level 1

Hi - have just started a initial configuration on a new ACE running A2 software. I have configured a bridging SLb farm. I can connect to the VIP when the client is on the L2 bridged VLAN however cannot connect to the VIP when I am in a routed VLAN off my sup. It seems I am missing something obvious. is there any sample config for this or can someone point me in the correct direction. Thx

8 Replies 8

d-fillmore
Level 2
Level 2

Make sure the ACE has a default route configured on it. I had this problem, customer wanted to not have any sort of routing on the ACE or FWSM, but my understanding is that the TCP connection is made to the ACE, and then from the ACE to the server farm, therefore the ACE needs a route out of it's own VLAN.

I have a default route back via the mgmt interface. I would have thought this would have been sufficent?

Can you post any of the config on here?

see attached relevant config - thx.

If you use bridging mode then default route configured on ACE is only for management traffic.

If you cannot reach your VIP from a remote vlan then you need to make sure that your routing infrastructure has appropriate routes for VIPs.

Your real servers in bridge mode points to the upstream routers (like MSFC on the switch.)

Thanks

Syed

yes this makes sense. I tried to create a Interface VLAN on the MSFC for the gateway for the real servers - but I get the error

--------------------------------------------

switch(config)#int vlan 52

switch(config-if)#ip address 192.168.2.2 255.255.255.0

switch(config-if)#no shut

Forcing SVI 52 to stay shutdown (SVI 50 tied to line card in slot 8.)

--------------------------------------------

Interface vlan 50 is the interface used for mgmt of the ACE. I had a route to the VIP's using the mgmt interface on the switch - somehow this needs to be a directly connected network. I have attached the relevant config to a reply to any earlier request in this conversation.

Create SVI for Vlan 51.

Since ACE is in bridge mode both vlan 51 & 52 will be using the same Subnet.

There is an additional command "svclc multiple interfaces" which must be used when allocating multiple Layer 3 VLANs (MSFC routed Switch Virtual Interfaces) on MSFC.

Syed

I have got this working - but I'm not 100% in the correct method. What I found was that I didn't have the "access-group input ACL1"

applied under my vlan 50 (mgmt interface) on the ACE. When I apply this I can route to my bridged subnet successfully from my MSFC. However I am not sure of the performance impact of this. Also it means I might have to add multiple static routes to my mgmt interface on the MSFC. I will take a look at the command you have provided to see what it does. Thanks

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: