cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
425
Views
0
Helpful
6
Replies

CSM Real Server unreachable

emmanuel
Level 1
Level 1

I am trying to implement a server farm where no natting is needed.

I have setup the client side vlan, and I have setup the server side vlan.

However, as the servers are more than a hop away from the CSM I am trying to setup a route on the server vlan for reachability.

I am getting errors when setting up the ip route with default gateway.

Anyone else has encountered this problem..? If so what is the best way to solve this..?

Any help is appreciated.

Thanks.

6 Replies 6

dario.didio
Level 4
Level 4

Hi,

I assume you have a setup like this:

client---router---VIP(CSM in routed mode)---Router---Server

What is the router between CSM and server used for? Are there alot of routes on? Does it have alot of other connections?

The problem is that if you want the return traffic to go back to the CSM, you need a route towards the CSM. But the problem is that you

cannot know the source of the initial request (the client), so you would need to use a default route.

But if there are other things on your router, you probably need another default route.

That is why I would recommend source NAT on the CSM. This way, you can just configure a static route on the router that if the traffic

source is the VIP, you need to send the return traffic of the server back to the CSM.

If my explenation is not clear, do ask and I will explain what you don't understand.

Hope this helps.

Hi

The setup is correct.

The in-between router is used for server connections.

On the CSM there are other VServers/Server farms setup, most use natting, however there is a requirement not to use client natting for an implementation.

Configuration is as follows:

CSM Vlan:

vlan 77 client

ip address 10.191.29.133 255.255.255.128 alt 10.191.29.134 255.255.255.128

gateway 10.191.29.129

This works fine, as long as I use client natting. But as soon as I add the server side vlan:

vlan 3 server

ip address 10.191.29.133 255.255.255.128 alt 10.191.29.134 255.255.255.128

I am unable to get a response from:

Ping mod csm 4 reals.

So, I suspect the return path is not known.

I have tried adding various flavors of the route command with various gateways, still unable to get a reply.

1. Your suggestion about the default route on the router, where should the default route should point to..?

2. Source Nat on CSM is not possible as the requirement is to identify the clients IP address (if that is what is meant).

Hope this is clear..?

Any help is obviously appreciated.

Has anyone else encountered this problem..?

Hi,

I see your client vlan (VLAN77) and server vlan (VLAN3) have the same IP subnet (10.191.29.128/25).

Can you post your config of the CSM? that would clear things up. Also, if possible, a network drawing of this setup.

Hi

Sorry, my mistake in typo.

The server vlan is:

vlan 3 server

ip address 10.191.6.20 255.255.255.224

Relevent CSM config:

module ContentSwitchingModule 4

ft group 254 vlan 78

priority 20

preempt

!

vlan 77 client

ip address 10.191.29.133 255.255.255.128 alt 10.191.29.134 255.255.255.128

gateway 10.191.29.129

!

vlan 3 server

ip address 10.191.6.20 255.255.255.224

gateway 10.191.6.1

!

natpool NAT 10.191.29.254 10.191.29.254 netmask 255.255.255.128

real DEV06

address 10.191.6.25

inservice

serverfarm TEST

no nat server

no nat client

real name DEV06

inservice

vserver VS-TEST-WEB

virtual 10.191.29.145 tcp www

persistent rebalance

inservice

Once I take off the vlan 3 server off the config, all works fine (with Natting).

But without Natting it doesnt seem to work.

Network diagram is fairly basic, in that:

Server -> ServerSwitch ->Cat6509 (with CSM) -> switch -> User.

EIGRP is the routing protocol.

Hope this is sufficient..?

Thanks and regards

Sorry, also forgot to add:

Relevant portion of routing and CSM vlan:

interface Vlan77

description Content Switching Module Vlan

ip address 10.191.29.130 255.255.255.128

standby 3 ip 10.191.29.129

standby 3 preempt

!

router eigrp 1

passive-interface Port-channel77

network 10.191.0.0 0.0.255.255

network 172.28.0.0

no auto-summary

Thanks for the helpful hints, I have resolved the routing problem.

Regards

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: