I'm have difficulty understanding how to put my ACE blade in service. I have 1 vlan with external ips on my 6500 msfc. All the internal internal vlans default gateways on on my msfc as well (e.g. vlan 10 is 192.168.10.1). My plan is to create a new ip on the internal vlan on the ACE (e.g. 192.168.10.10) and the default gateway for the load balanced servers be 192.168.10. There will also be a route for the internal networks 192.168.0.0/16 and the gateway is set to the MSFC 192.168.10.1.
Is my thinking correct here or can I run into some loops this way?
I'm also confused on where I should be natting the external ips. Do I nat the external ips on the ACE or on the MSFC?
Yes I mean real server vlans. So if my ACE interface is the default gateway for all my real servers, doesn't that mean that all my internal traffic between real servers and internal network, such as my web server mounting a nfs volume on an internal ip is going to have to pass through the ACE which is limited to a 16Gig backplane connection and also consuming another tcp connection?
If the only issue is the NAS device then you can have a second NIC on servers configured for the NAS VLAN.
The other option would be go with one arm design. In one arm design only the load balanced traffic hits the ACE.The servers will have Vlan interface defined on MSFC as the default gateway. The only issue in this case is to ensure that the return traffic shouldnt bypass ACE.
In order to ensure the return traffic traverse ACE, You will need to configure PBR
. Policy based routing will look for the return traffic from servers (fo example srcip: "server IP" Src port:"80" -- in case of www return traffic) and will forward that traffic to the VLan interface of ACE.
With "one arm design", Ace is like connected to Cat on a stick. Only traffic hitting the Vips will be forwarded to the ACE and every other traffic to/from Servers (like backup / NAS) will bypass ACE.
Ok. But won't having 2 routes on my server bypass the need for PBR on the MSFC? My default route points to ACE (to find internet connections from VIP) and I add a route for internal networks to go to MSFC.
Introduction This article will help you understand the steps on how to
download the UCS licenses from the Cisco Systems website and then
installing it on the UCS. The redacted (blue lines) just covers up
certain numbers for privacy please do not take them...
Introduction This article will help you understand and educate the
customer on how to clear their "expired licenses"
(license-graceperiod-expired) from their UCS-M. If a customer just
purchased a license and needs a step by step guide on how to download
Introduction Prepositioning is a powerful tools on the WAAS platform but
it is not always easy to figure out why your jobs are failing when
trying to retrieve the files.Here is a method that should help you to
figure out the reason why they are not succes...