CSS - Configs

Unanswered Question


Have some basic queries rleated to CSS configuration.

Total two sites are present in the network and both sites are having CSS.

In a Cluster environment, one server is connected to 1st network CSS and VIP is being assigned and second server is connected to 2nd network CSS and VIP is being assigned.

What are the basic configuration parameters one should consider for doing load balancing between these two servers.

( 1st Server NA request should get go to the 2nd Server) Also have to configure Source NAT compared to Destination NAT which is default in CSS.


R.Sundara Rajan

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Gilles Dufour Fri, 01/20/2006 - 02:11
User Badges:
  • Cisco Employee,

what you need is something like this

server local

ip x.x.x.x


server remote

ip x.x.x.x


owner XXXXX

content xyz

vip x.x.x.x

add service local

primarysorryserver remote



group xyz

vip x.x.x.x

add destination service remote

[add destination service local]


The group is to nat the source ip to guarantee that the response from the remote server will come back to this css, so it can be forwarded to the client after doing reverse nating of the vip address.

If you are in one-armed mode, you may also need to do client nat for the local server.

Finally, if your traffic is http only, you could configure 'service remote' as an HTTP redirect to the remote vip.

This will avoid traffic having to go from one site to the other.

You can find easily on this website sample config for css http redirect configuration.



Thanks for rating this answer.

Gilles Dufour Fri, 01/20/2006 - 05:40
User Badges:
  • Cisco Employee,

if you are in one-armed mode, the CSS, the servers and the gateway are all in the same subnet and the response from the server may bypass the CSS.

Therefore, one solution usually implemented is to do client nat on the css which will force the servers to respond to the CSS.

If you want to do this, you need the command that I added under bracket previously 'add destin service local'.




This Discussion