ACE: Server-to-Server loadbalancing

ciscocsoc · ‎06-24-2008

Dear All,

I have to provide ACE loadbalancing for a new multitier application which has server-to-server loadbalancing.

The user communicates with loadbalanced webservers which in turn communicate with loadbalanced application servers. I

don't have the freedom to change existing IP addresses and I have to use source NAT to prevent asymmetric traffic. Can

I achieve the loadbalancing in one context or do I need separate contexts for web and app? The diagram illustrates the

server relationships.

Thank you

Cathy

Gilles Dufour · ‎06-24-2008

Everything should be possible in a single context.

It is also easier if you stay in 1 context.

Gilles.

ciscocsoc · ‎06-24-2008

Thank you Gilles,

As I'll be using routed mode, I assume I'll need three vlans. One for the client side, one for the web tier and to provide a natpool and the third for the app tier and again to provide another natpool so that traffic from the app tier goes back through the ACE to the web tier. Is this correct?

Thank you

Cathy

firewalz · ‎06-24-2008

You could do everything in one context. I have a similar setup and I used multiple contexts in order to keep the individual configs smaller and simpler, large configs on the ACE can get complicated and ugly:) I set up the following:

APP-PROD and APP-NON-PROD non slb segments off FWSM, APP-LB-PROD and APP-LB-NON-PROD slb segments using ACE contexts. This gives app owners flexibility to use load balancing or not in parallel tiers.