ACE - Policy map bound to multiple interface

Unanswered Question
Apr 22nd, 2009
User Badges:


I have a policy map bound to multiple VLAN interfaces. The policy is pretty standard, any traffic hitting the VIP is load balanced.

Now, is it ok to assign the same policy map / VIP to to multiple VLAN interfaces on a virtual context?

I addition, I should add that one of the clients hitting the vip are the servers configured in the serverfarm of the context.

Basically the requirement here is that the rservers are client and server at the same time.

The problem I have is that when one of the servers send an HTTP request to the VIP, the ACE module reset the connection. I can see the dropped conns counter increasing as i generate requests to the ACE.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Gilles Dufour Wed, 04/22/2009 - 23:41
User Badges:
  • Cisco Employee,


the RESET is probably comming from the server.

If the server sends a SYN to the VIP, the packet is nated and forwarded to another server which sees a packet coming from a neighbor server (not ACE) and sends the SYN/ACK directly to the client(rserver).

This one is expecting a packet from the VIP and not the server itself and sends a RST.

You need to enable client nat for server opening connections to the vip.



This Discussion