Trying to get an ACE blade to do L3/L4 load-balancing in one-arm mode, but using PBR rather than source NAT.
Got a base config together and load-balancing seems to be working Ok. The problem I am trying to figure out is how to deal with direct flows, e.g traffic which isn't part of a load-balanced flow.
Does anyone know if/how I can configure the ACE to forward return traffic from an rserver which doesn't match part of an existing flow back to the sup720 rather than dropping it? I believe this was an option in CSM.
We encountered the same issue, except we are using the 4710 appliance. We found the simplest way to sort out this problem was to bind secondary IP addresses to the servers being load balanced, and using those IPs for services which are being load balanced. The PBR matches only these IPs - traffic initiated by the primary IP addresses do not match the PBR ACL.
Alternatively, could you not do PBR based on source port? Typical load balanced ports (80,25,etc) are not used as source ports.
Thanks for responding. Using a secondary IP isn't a bad idea. The second suggestion wouldn't fly because in this case customers must be able to use those typical ports for a mix of load-balanced and non load-balanced.
We actually found a good solution after much digging around, which was configure the SVI in the ACE with 'no normalization' (disclaimer: this disables various security checks in the ACE and makes it operate like a pure load-balancer).
Introduction This article will help you understand the steps on how to
download the UCS licenses from the Cisco Systems website and then
installing it on the UCS. The redacted (blue lines) just covers up
certain numbers for privacy please do not take them...
Introduction This article will help you understand and educate the
customer on how to clear their "expired licenses"
(license-graceperiod-expired) from their UCS-M. If a customer just
purchased a license and needs a step by step guide on how to download
==================== VIC FNIC driver does not support Virtual Volumes (
second level LUN ID ) An enhancement request has been created to track
this feature - CSCux64473 UPDATE - 12-14-2016 We made some traction on
the enhancement request - The Fix is in t...