Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACE-SLB Multiple VIPs to Same Rservers

ACE module (on C6509) is currently configured to support client/server connections to several application servers.

VIP#1 on ACE exists within a single client side subnet (int vlan111)

Real servers exist on a separate server side subnet (int vlan555)

ACE is configured with a single default route pointing to a router on the client side subnet (int vlan111)

Customer wants to add a new VIP#2 that will exist on a new client side subnet (int vlan222)

Customer wants this new VIP#2 to be load balanced to the same application servers, exactly the same as VIP#1.

The problem I suspect is that the ACE's existing default route (via int vlan111) will cause all VIP#2 server-to-client traffic flows to be forwarded via int vlan111 instead of int vlan222 and thereby break the VIP#2 server-to-client traffic flows.

Assuming I'm correct, is there an ACE based solution to this, or is this desired environment just not possbile.

NOTE: since both VIP#1 and VIP#2 clients will be any public IP addressed hosts, I cannot define multiple routes based on discrete destination network addresses; therefore a single default route is all that's possible to use.

1 ACCEPTED SOLUTION

Accepted Solutions
Bronze

Re: ACE-SLB Multiple VIPs to Same Rservers

Yep,

A static route and your problem is solved. Worked for me back when I had to redesign my public facing webportals. I basically had three different subnets, each containing 15-20 VIPS that had to be consolidated onto one ACE-context. And my challenge was the excact same.

5 REPLIES
Bronze

Re: ACE-SLB Multiple VIPs to Same Rservers

You should be able to configure VIP#2 on the same client-interface (Vlan111), even if the new VIP doesn't belong to the address-range Vlan111 resides in. That way all client traffic is forwarded to the same interface and your routing issue should be erdicated.

Simply configure your VIP#2 class and apply the same lb-policies etc. in your multimatch-policy, which is already applied to Vlan111. Then, add a static route on your router, using the Vlan111-address (or alias-address) as next-hop. This should work, I've configured this myself.

hth

New Member

Re: ACE-SLB Multiple VIPs to Same Rservers

wow, that's pretty clever.  but let me be sure I understand the step regarding the static route on the router.

are you referring to my upstream (client side) router, that it should have a static route to reach my VIP#2 via a next-hop equal to my int vlan111 IP address?

Bronze

Re: ACE-SLB Multiple VIPs to Same Rservers

Yep,

A static route and your problem is solved. Worked for me back when I had to redesign my public facing webportals. I basically had three different subnets, each containing 15-20 VIPS that had to be consolidated onto one ACE-context. And my challenge was the excact same.

New Member

Re: ACE-SLB Multiple VIPs to Same Rservers

Thank you very much for your solution to this.  I will give this a whirl within the next few days and let you know how it goes.

New Member

Re: ACE-SLB Multiple VIPs to Same Rservers

u da man uhansen.........I tested it out today and just as you said....it worked like a charm.....much, much thanks........jimmyc

357
Views
0
Helpful
5
Replies