ACE questions

Unanswered Question
Oct 8th, 2008
User Badges:

Hi all,


i've got 2 questions:

1 http url loadbalance, version .3.0.0_A1_4a seems not to accept simple wildcard like * :( pretty strange, i have to put entire url and so ACE let me display web page;

ex 2 match http url .*/pippo_ita/!1CIAO.html i can see page,

.*/pippo_ita/* i cannot see page...


other question, do you think i'll have problem from inside server to connect a VIP situated in a CSS if i've got same VIP subnet?


ex server A-B-C (real ip 1.1.1.0/24 VIP 2.2.2.2/32)--> 2.2.2.3 (VIP on CSS) and they have both physical connection (CSS has got a circuit like 2.2.2.254 and ACE too 2.2.2.250). I think that ACE will forward packet and a brodcast will occur for finding 2.2.2.3 VIP on CSS and a CSS will responde...


thx and bye

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
Loading.
Syed Iftekhar Ahmed Wed, 10/08/2008 - 10:22
User Badges:
  • Blue, 1500 points or more

Instead of using


.*/pippo_ita/*


use


.*/pippo_ita/.*


CSS will definitely respond.


If reals for CSS & ACE share the same Subnet then you will need to Src NAT traffic initiated from servers behind ACE.


If servers behind ACE & CSS are using different subnet & ACe is not doing SRC NAT then You just need to make sure CSS has a route pointing to the ACE for REAL server IPs.


HTH

Syed Iftekhar Ahmed

danilodicesare Wed, 10/08/2008 - 13:47
User Badges:

tnx Syed!


reals are on different subnets so i need not src NAT, just VIP shares same subnet but, as i said before, CSS has to respond at arp request and L2 stuff has to do their job :).


bye


Dan

Syed Iftekhar Ahmed Wed, 10/08/2008 - 14:07
User Badges:
  • Blue, 1500 points or more

Dan


Its not just L2 stuff. Your CSS also needs to be L3 aware of the networks behind ACE.


Let supposes your VIP subnet shared by ACE & CSS is 200.x.x.x and serverfarms behind ACE & CSS are using 10.x.x.x & 20.x.x.x respectively.


Now packet from servers behind ACE will end up at the CSS as (provide ACE is not doing SRC NAT)


Src IP: 10.x.x.a

Dst IP: 200.x.x.v


For the return traffic CSS needs to know where 10.x.x.x network is. CSS cannot learn this via L2/ARP it needs a route entry in the routing table for 10.x.x.x pointing towards ACE.


Syed

danilodicesare Wed, 10/08/2008 - 14:10
User Badges:

:) yes yes it was clear....L2 stuff just for going from ACE to CSS (VIP)...return traffic, of course, needs routing.


tnx again!



Dan

Actions

This Discussion