Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
321
Views
0
Helpful
1
Replies

ACE loadbalancing design dilemma

770801tvdhaar
Level 1
Level 1

‎10-29-2008 10:05 AM

Hi,

We have an ACE in 6509 connected to a FW(TRUNK). FW connected to 3560 switch(DMZ) rservers connected to 3560 need to be loadbalanced by the ACE(Layer 3 LB)

Is this possible and is this the best way to do it how do the rest of you tackle the DMZ LB dilemma if the LB is on the inside network?

Security issues I need to be thinking of?

Appreciate your time.

Labels:
6775-Ace_design_dilemma.vsd
0 Helpful
1 Reply 1

bwilmoth
Level 5
Level 5

‎11-04-2008 02:18 PM

You can operate your ACE strictly as an LB device. If you want to use LB only, you must configure certain parameters and disable some of the ACE security features as described in the below URL. By default, the ACE performs TCP/IP normalization checks and ICMP security checks on traffic entering the ACE interfaces. Using the following configuration will also allow asymmetric routing as required by your network application.

http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/v3.00_A1/configuration/slb/guide/overview.html#wp1004320

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents