New Member

1 Interface for no-nat?

Most of the configuration examples I have seen show the CSS with one address block on the outside interface and another address block facing the servers on the inside. I found this article:

http://www.cisco.com/warp/public/117/one_armed_bandit.html

...where one interface is used and the content address and the service addresses are on the same subnet.

Is this the best (or only) way to accomplish having the VIP and the services on the same subnet? Would this work better if you assigned two interfaces on the CSS to the same VLAN but one pointed out for the VIP/Content address and one pointed back to another switch which would terminate the servers?

Also - the article implies a performance hit for using the one-armed configuration. Is there a way to quantify the performance hit using the one-armed-bandit approach?

Thank you.

3 REPLIES
Cisco Employee

Re: 1 Interface for no-nat?

You can have multiple physical interfaces in the same VLAN as you described.

The CSS can switch at Layer 2 and still perform load balancing when needed.

When using a single interface, there is a limit to the performance you can achieve simply because the same interface will be used to send/receive traffic to the client and traffic to the server. So 50% for clients and 50% for servers.

While with 2 physical interfaces [one subnet or more], you do not have this performance limit.

Gilles

New Member

Re: 1 Interface for no-nat?

So on Gig0 I could have the outside-facing interface attached to one VLAN "outside" on a switch and on Gig1 "inside" I would connect to a different VLAN so as to not create a loop. From a layer 3 perspective, hosts on LAN "outside" and "inside" would be in the same subnet. The CSS would show ports Gig0 and Gig1 as being in the same VLAN although they would attach to separate VLANs on the switches. Right?

Cisco Employee

Re: 1 Interface for no-nat?

That's correct.

I have seen this config very often and I sometimes use it myself in the lab.

Gilles.
