I am a little confused with Portmapping and the advice on Source Groups in the documentation.
The section on "Configuring ASR" chapter 2 in the redundancy manual advises to Configure mutually exclusive port-map ranges on the redundant peers using the global-portmap command to avoid potential network port collisions.
However, we have a simple configuration that uses Source Groups to ensure that incoming requests to backend servers are Source NATted in a one-armed configuration. The content Rules and corresponding Services and Source Groups (with add DESTINATION service commands) are exactly replicated on each box.
The only differences in the configurations are the VLAN IP addresses for the redundant interfaces.
There is a single Virtual Router on a single redundnat interface on each box.
There is a separate ISC link between the two boxes.
Because the client request to backend servers are using Advanced Balance SSL, the backend server connection uses the delayed binding and a source port number is required.
When this conection is failed onto the "backup" router on the other box, I assume it will have to continue with the original source port number, otherwise the flow will break down.
Is this a correct interpretation and does it mean that there can be no conflict between the portmap ranges on the two boxes?
If so can I ignore this advice and leave the CSS to decide which port numbers to use?
Are there any implications with my configuration on the maximum number of flows that can be supported for a single rule with destination port defined and mapped to a different desination port on the backend servers?
Hope someone can advise ...... as it will save a lot of test setup and prooving!
Introduction This article will help you understand the steps on how to
download the UCS licenses from the Cisco Systems website and then
installing it on the UCS. The redacted (blue lines) just covers up
certain numbers for privacy please do not take them...
Introduction This article will help you understand and educate the
customer on how to clear their "expired licenses"
(license-graceperiod-expired) from their UCS-M. If a customer just
purchased a license and needs a step by step guide on how to download
==================== VIC FNIC driver does not support Virtual Volumes (
second level LUN ID ) An enhancement request has been created to track
this feature - CSCux64473 UPDATE - 12-14-2016 We made some traction on
the enhancement request - The Fix is in t...