ACE implementation with servers at remote locations

Unanswered Question
Feb 15th, 2010
User Badges:

Hi,


We are having two ACE appliances in the datacenter in failover mode. Currently, we using route mode with two servers placed in the DC which are getting load balanced. Now, we are planning to move the servers to a new location and this location is reachable via WAN from the DC. Is there any challenge in moving the servers to a new location.

1. Do we need to do any natting ?

2. Is there any configuration document for ACE appliance using route mode with NAT ?


Any help would be appreciated.


Rgds./

Sck

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Gilles Dufour Mon, 02/15/2010 - 23:07
User Badges:
  • Cisco Employee,

There are 2 things to look at.


1/ Make sure the ACE can reach the server (ping)

2/ Make sure the return traffic from the server goes back to the ACE


This 2nd point can be tricky when the servers are not directly connected to ACE.

The servers will see the connections coming from clients (not ACE ip address), therefore they will use a default gateway to send the response which does not necessarily send traffic back to ACE.


You may need policy routing on the gateway.

Or you may have to configure client nat (in this case, the servers see the connections coming from ACE itself), but then you lose information about client source ip.  This can be solved by doing header insert but this is only possible for HTTP and it has a cost in terms of performance.


The best option is to keep the servers close to the loadbalancer.

If you want to move both servers, see if you can also move the loadbalancer to the same remote location.


Gilles.

sachin_mon Mon, 02/15/2010 - 23:21
User Badges:

Thanks Gilles for your prompt reply. I would appreciate if you can share any configuration example for client NAT.


Rds./

Sck

Actions

This Discussion