cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
812
Views
0
Helpful
6
Replies

ACE - rserver can not access VIP

lishengtao
Level 1
Level 1

ACE in bridge mode, VIP is on the same subnet as rservers and other servers. There is no issue for clients from internet to access the VIP. However, the servers on the same subnet of the real server cannot access VIP.

I guess that's because after VLB assign/redirect request the request to a rserver, the return traffic may bypass the VLB. Is it correct? Is there any way to allow the servers behind the VIP to access VIP also?

Thanks!

ST

6 Replies 6

andrea.meconi
Level 2
Level 2

I'm using a CSM with the same scenario and use a pool to NAT the real server source IP.

Hope this help.

Andrea

Hi Andrea, do you have any doc/link referring the NAT solution?

Thanks!

ST

Hi Andrea, do you have any doc/link referring the NAT solution?

Thanks!

ST

I will try the "transparent" cmd on server farm.

You simply need to source Nat this traffic.For example if all servers & clients are on vlan 10 (1.1.1.0/24 subnet) then you need following config

rserver host YOURSERVER1

ip address 1.1.1.100

inservice

rserver host YOURSERVER2

ip address 1.1.1.101

inservice

serverfarm host

rserver YOURSERVER1

inservice

rserver YOURSERVER2

inservice

class-map match-all YOURVIP

2 match virtual-address 1.1.1.200 tcp eq www

policy-map type loadbalance first-match YOURPOLICY

class class-default

serverfarm YOURSERVERFARM

nat dynamic 1001 vlan 10 serverfarm primary

policy-map multi-match VLAN10-VIPS

class YOURVIP

loadbalance vip inservice

loadbalance policy YOURPOLICY

loadbalance vip icmp-reply active

interface vlan 10

ip address 1.1.1.1 255.255.255.0

access-group input ANYONE

nat-pool 1001 1.1.1.250 1.1.1.250 netmask 255.255.255.0 pat

service-policy input VLAN10-VIPS

no shutdown

HTH

Syed Iftekhar Ahmed

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: