ACE 4710 - active active routing in one arm question

rbuckshaw · ‎04-16-2010

Hello,

Working on deploying ACE active active with multiple contexts. Need to do some One Arm on top of L2 bridge as well. I have a L3 interface between the ACE and core router on vl90. The ACE has FT. Core has hsrp and this is my default route from the ACE.

Looking for some verification or a sanity check on what I am thinking here please.

Primary question, how do I properly share this vl90 between contexts? I think the docs tell me that I need a unique IP for the vl90 in each context, I am ok with that but - what routes do I put in the core to get to the ACE?

I expect that the core gets a static for the range of vips in use for a context and also the snat pools. That static points to the alias, yes? So if I have 5 contexts I need about 20 addresses on the L3 link (/27).

Now to keep track of everything.

Is this the way to do it? What other considerations to make?

Thank you for looking.

Sean Merrow · ‎04-18-2010

Hello,

Seems to me like you already have a pretty good handle on this ;- )

You are correct, you would need to have any necessary static routes configured on the ACE's gateway pointing to the correct next hop on this shared VLAN/subnet. Also, since you are in FT, that next hop should always be an Alias address. The routes on the gateway would point to the ACE for anything that it must go through the ACE to get to (ie. NAT'd addresses that aren't layer 2 adjacent, VIPs, rservers behind the ACE, etc.).

I noticed that you said you would also be doing some bridging. Keep in mind that if you bridge a VLAN in any one context, that VLAN can no longer be shared with any other context. Only routed VLANs can be shared.

Hope this helps.

Sean

rbuckshaw · ‎04-22-2010

Thanks much for looking and commenting.