ACE questions

Unanswered Question
Oct 8th, 2008

Hi all,


i've got 2 questions:

1 http url loadbalance, version .3.0.0_A1_4a seems not to accept simple wildcard like * :( pretty strange, i have to put entire url and so ACE let me display web page;

ex 2 match http url .*/pippo_ita/!1CIAO.html i can see page,

.*/pippo_ita/* i cannot see page...


other question, do you think i'll have problem from inside server to connect a VIP situated in a CSS if i've got same VIP subnet?


ex server A-B-C (real ip 1.1.1.0/24 VIP 2.2.2.2/32)--> 2.2.2.3 (VIP on CSS) and they have both physical connection (CSS has got a circuit like 2.2.2.254 and ACE too 2.2.2.250). I think that ACE will forward packet and a brodcast will occur for finding 2.2.2.3 VIP on CSS and a CSS will responde...


thx and bye

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
Loading.
Syed Iftekhar Ahmed Wed, 10/08/2008 - 10:22

Instead of using


.*/pippo_ita/*


use


.*/pippo_ita/.*


CSS will definitely respond.


If reals for CSS & ACE share the same Subnet then you will need to Src NAT traffic initiated from servers behind ACE.


If servers behind ACE & CSS are using different subnet & ACe is not doing SRC NAT then You just need to make sure CSS has a route pointing to the ACE for REAL server IPs.


HTH

Syed Iftekhar Ahmed

danilodicesare Wed, 10/08/2008 - 13:47

tnx Syed!


reals are on different subnets so i need not src NAT, just VIP shares same subnet but, as i said before, CSS has to respond at arp request and L2 stuff has to do their job :).


bye


Dan

Syed Iftekhar Ahmed Wed, 10/08/2008 - 14:07

Dan


Its not just L2 stuff. Your CSS also needs to be L3 aware of the networks behind ACE.


Let supposes your VIP subnet shared by ACE & CSS is 200.x.x.x and serverfarms behind ACE & CSS are using 10.x.x.x & 20.x.x.x respectively.


Now packet from servers behind ACE will end up at the CSS as (provide ACE is not doing SRC NAT)


Src IP: 10.x.x.a

Dst IP: 200.x.x.v


For the return traffic CSS needs to know where 10.x.x.x network is. CSS cannot learn this via L2/ARP it needs a route entry in the routing table for 10.x.x.x pointing towards ACE.


Syed

danilodicesare Wed, 10/08/2008 - 14:10

:) yes yes it was clear....L2 stuff just for going from ACE to CSS (VIP)...return traffic, of course, needs routing.


tnx again!



Dan

Actions

This Discussion