ACE active active service redundancy

Answered Question
Oct 16th, 2008

Hi,

I want to deploy two ACE modules in redundant configuration. I want ACE_1 to be active for Web-server-LB service and ACE_2 to be active for DNS-server-LB.

All my clients are coming to ACE on a single VLAN. But as per the above configuration, the web traffic of clients should go to ACE_1 and the DNS traffic should go to ACE_2. Can anyone suggest how to achieve this?

Thanks

Syed Iftekhar Ahmed Thu, 10/16/2008 - 22:05

You will need to create two contexts (Context-WEB & Context-DNS) such that Context-WEB is active on ACE module 1 & Context-DNS is active on ACE module 2.


Syed Iftekhar Ahmed

thedinuka Thu, 10/16/2008 - 22:17

Hi,

Thanks, but how would the ACE identify where each type of traffic should go? Is it by using VLANs?

If so, I'm faced with a problem. All of my client traffic is coming to the ACE in one VLAN. How should I proceed in this case?



Correct Answer
Syed Iftekhar Ahmed Thu, 10/16/2008 - 22:31

You can share the client-side VLAN with multiple contexts on ACE in routed mode. So if your client VLAN is 10, then you can assign the same VLAN to both ACE contexts.

Let's say VLAN 10 is using the 10.10.10.0/24 subnet.

You can assign two different IP addresses to the two contexts. For example:

You can assign 10.10.10.100/24 to WEB-context's VLAN10 interface &

Similarly 10.10.10.200/24 to DNS-context's VLAN10 interface.

When contexts share a VLAN, the ACE assigns a different MAC address to the VLAN on each context.

Now if you define VIP-DNS with IP 10.10.10.150/24 in DNS-Context & VIP-WWW with IP 10.10.10.250 in WEB-Context, then for a request destined to 10.10.10.150 ACE will respond back with the MAC address associated with DNS-context. Similarly, for an ARP request asking for 10.10.10.250 ACE will respond back with the MAC assigned to WEB-context.


HTH

Syed Iftekhar Ahmed
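
The two replies above (one context active per module, both contexts sharing VLAN 10) written out as an ACE configuration, as an added example that is not part of the original posts. It shows the context, fault-tolerance and addressing pieces; the FT VLAN 99, its 192.168.99.x addresses, the group numbers, the priority values and the VIP ports are assumptions, and the context names, VLAN 10 addresses and VIPs are the ones given in the thread.

```text
! ---- Admin context on ACE_1 (ACE_2 mirrors this with the
! ---- ft interface addresses and the priorities swapped) ----
ft interface vlan 99                        ! assumed dedicated FT VLAN
  ip address 192.168.99.1 255.255.255.0     ! assumed addressing
  peer ip address 192.168.99.2 255.255.255.0
  no shutdown
ft peer 1
  ft-interface vlan 99

context Context-WEB
  allocate-interface vlan 10                ! shared client-side VLAN
context Context-DNS
  allocate-interface vlan 10                ! same VLAN, second context

ft group 1                                  ! Context-WEB active on ACE_1
  peer 1
  priority 150                              ! assumed values: higher wins
  peer priority 50
  associate-context Context-WEB
  inservice
ft group 2                                  ! Context-DNS active on ACE_2
  peer 1
  priority 50
  peer priority 150
  associate-context Context-DNS
  inservice

! ---- Inside Context-WEB ----
interface vlan 10
  ip address 10.10.10.100 255.255.255.0
  no shutdown
class-map match-all VIP-WWW
  2 match virtual-address 10.10.10.250 tcp eq 80   ! port is an assumption

! ---- Inside Context-DNS ----
interface vlan 10
  ip address 10.10.10.200 255.255.255.0
  no shutdown
class-map match-all VIP-DNS
  2 match virtual-address 10.10.10.150 udp eq 53   ! port is an assumption
```

Because each context answers ARP for its own VIP with its own MAC address, clients on VLAN 10 reach whichever module currently holds the active role for that context's FT group.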

huangedmc Tue, 11/18/2008 - 19:28

Just a little caveat...

I believe if you share client-side vlan between multiple contexts, you won't be able to communicate between the contexts.


In other words, no inter-context communication is allowed if the same client-side VLAN is used.

