Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
471
Views
0
Helpful
3
Replies

ACE real servers with a service on multiple ports

thedinuka
Level 1
Level 1

‎10-22-2008 04:30 AM

Hi, I want to set up ACE to loadbalance radius traffic between multiple radius daemons running on the same machine (same IP, mutiple radius daemons on different UDP ports). I've researched the available documents and think this would be the required config.

########################################

rserver server1

ip address 192.168.12.15

inservice

serverfarm SFARM1

rserver server1 1912

inservice

rserver server1 1612

inservice

rserver server1 1812

inservice

class-map match-any RADIUS_L4_CLASS

2 match virtual-address 12.1.1.11 udp 1645

policy-map type loadbalance radius first-match RADIUS_L7_POLICY

class class-default

serverfarm SFARM1

policy-map multi-match RADIUS_L4_POLICY

class RADIUS_L4_CLASS

loadbalance vip inservice

loadbalance RADIUS_L7_POLICY

########################################

you think this is possible?

thanks

Din

Labels:
0 Helpful
3 Replies 3

d-fillmore
Level 2
Level 2

‎10-22-2008 07:01 AM

Hi Din,

That config looks correct. Have you tried it yet?

I'd advise that you configure probes for each of the daemons on the server as well, otherwise if one of them fails the ACE will continue to load balance to it because the default probe is a ping which the server will respond to;

probe udp port-1912

port 1912

probe udp port-1612

port 1612

probe udp port-1812

port 1812

!

serverfarm SFARM1

rserver server1 1912

probe port-1912

inservice

rserver server1 1612

probe port-1612

inservice

rserver server1 1812

probe port-1812

inservice

Cheers, Dom

0 Helpful

thedinuka
Level 1
Level 1
In response to d-fillmore

‎10-22-2008 08:54 PM

HI thanks for the response. Would there be any one who has actually tried this or can verify this please. I don't have the luxury to try it out in a lab.

Thanks

0 Helpful

Martin Kyrc
Level 3
Level 3
In response to thedinuka

‎10-23-2008 12:24 AM

Hi,

configuration looks good and it works.

But you don't need configure probe for every real server (different port), because if you don't configure port in probe definition, port is taken from real server configuration.

read this:

http://www.cisco.com/en/US/partner/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA3_1_0/configuration/slb/guide/probe.html#wp1040802

Port Number Inheritance for Probes

If you choose not to specify a port number for a probe, the ACE can dynamically inherit the port number specified:

•From the real server specified in a server farm (see the "Associating Multiple Health Probes with a Server Farm" section).

•From the VIP specified in a Layer 3 and Layer 4 class map (see the "Configuring a Layer 3 and Layer 4 Class Map for SLB" section).

This flexibility provides you with an ease of configuration. In this case, all you need is a single probe configuration, which will be sufficient to probe a real server on multiple ports or on all VIP ports. The same probe inherits all of the real server's ports or all of the VIP ports and creates probe instances for each port.

martin

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents