ACE Loadbalance on same interface

Unanswered Question
Mar 5th, 2009
User Badges:

Hi Guys,


I am tryign to deploy a solution where by i have 5 servers sat behind the ACE in a routed fashion. There are static nats to these servers for management.


3 of the servers are standard web farm.


Now these 3 servers need to speak to a VIP setup on the ACE to loadblance the traffic between the remaining 2 servers for CMS. Is this possible with them all on the same vlan?? I have tried setting up a VIP server vlan side (no joy) Tried connecting to a vip on the Client side from the servers (no joy).


Any help would be much appreciated.


Config to follow

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Gilles Dufour Thu, 03/05/2009 - 02:59
User Badges:
  • Cisco Employee,

you need to configure client nat when doing this. Otherwise the server response will directly go the client_server which will reject it because not coming from the vip.


Gilles.

scott-goodwin Mon, 03/09/2009 - 00:35
User Badges:

Hi Giles,


The config is attached, as you can see I have incoming nats for management of the servers, hence I initially pointed the servers to a vip on the 250.x side of the ace, however this doesnot work.


As can be seen I also set up a vip on the 240.x side for the DIIOP service.. but this doesn't function either???


Thanks


Scott




Attachment: 
scott-goodwin Tue, 03/10/2009 - 01:00
User Badges:

How can i setn up client Nat, when i Am already natting for management purposes??


Scott

Anonymous (not verified) Tue, 04/28/2009 - 08:02
User Badges:

Hello,


You can try this:

-. Create the VIP in the server side.

-. Then Nat all traffic hitting that VIP. You can do that with the command "nat dynamic" inside of the Policy map.


Example:


policy-map multi-match L3L4_LOADB

class CLASS_MAP

loadbalance vip inservice

loadbalance policy L7_LOADB

loadbalance vip icmp-reply active

loadbalance vip advertise active

nat dynamic 1 vlan 118

!

interface vlan 118

bridge-group 118

no icmp-guard

access-group input ALL

access-group output ALL

nat-pool 1 10.0.0.3 10.0.0.3 netmask 255.255.255.255 pat

no shutdown

Actions

This Discussion