cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
869
Views
0
Helpful
4
Replies

ACE Interface Question

Rafael Mendes
Level 2
Level 2

Hello,

What's the difference in ACE Interface BVI and ACE interface vlan?

I see the two configurations and both working correctly, so, when use one or the other?

Tks a lot.

Rafael

1 Accepted Solution

Accepted Solutions

Hi Rafael,

No this is not possible. You cannot configure an ip to a bridged interface. If you want to route the traffice to ACE then you should consider Routed mode rather than Bridged.

If you dont want to NAT then make sure the server always respond back to the ACE.

The other solution to preserve client address is to use DSR.

http://snippets101.blogspot.in/2008/08/asymmetric-server-normalization-on.html

Let me know if you have any questions.

-

Siva

View solution in original post

4 Replies 4

sivaksiv
Cisco Employee
Cisco Employee

Hi Rafael,

Not sure if i understand your question correctly.

If you are looking for information about routed vs bridged mode please check the thread below.

https://supportforums.cisco.com/thread/2052168

Routed mode treats the ACE as a next hop in the network, typically with a client-side VLAN and a server-side VLAN in different IP subnets or even in different IP networks. The VLAN interfaces rely on IP addresses to route packets from one subnet or network to another.

In bridged mode, the ACE bridges traffic between two VLANs in the same IP subnet. The VLAN facing the WAN is the client-side VLAN. The VLAN facing the data center is the server-side VLAN. A bridge group virtual interface (BVI) joins the two VLANs into one bridge group.

In one-arm mode, you configure the ACE with a single VLAN that handles both client requests and server responses. For one-arm mode, you must configure the ACE with client-source network address translation (NAT) or policy-based routing (PBR) to send requests through the same VLAN to the server.

Regards,
Siva

Hello Siva!

Thank you for your response, now is clearer for me.

Let me do one more question.

In a interface vlan configured in a context, i can have bvi group and ip address for routing?

For example, today i have:

interface vlan 4

  bridge-group 10

  access-group input all-access

  nat-pool 1 172.17.3.254 172.17.3.254 netmask 255.255.255.255 pat

  service-policy input Access

  service-policy input VIP

  no shutdown

interface bvi 10

  ip address 172.17.2.199 255.255.0.0

  peer ip address 172.17.1.199 255.255.0.0

  no shutdown

I can insert one ip address in "interface vlan 4"?

Like this:

interface vlan 4

  ip address 172.17.3.100 255.255.0.0

  bridge-group 10

  access-group input all-access

  nat-pool 1 172.17.3.254 172.17.3.254 netmask 255.255.255.255 pat

  service-policy input Access

  service-policy input VIP

  no shutdown

I need an ip address in this interface for routing the traffic for an especific serverfarm, i must keep the original ip address from the clients, i can not use nat in this scenario, i create other vlan for provide a VIP address in a different subnet and mitigate the assymetric routing traffic on my network.

Thanks a lot.

Rafael

Hi Rafael,

No this is not possible. You cannot configure an ip to a bridged interface. If you want to route the traffice to ACE then you should consider Routed mode rather than Bridged.

If you dont want to NAT then make sure the server always respond back to the ACE.

The other solution to preserve client address is to use DSR.

http://snippets101.blogspot.in/2008/08/asymmetric-server-normalization-on.html

Let me know if you have any questions.

-

Siva

Hi Siva,

Thank you for your response.

Helped me a lot!

Rafael

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: