11-23-2006 08:55 AM
I'm currently evaluating the ACE module for out enviroment.
May we will take out all our CSS11500 and convert to the ACE Module.
But i have a feq Questins about the Config.
1)
Sometimes i currently use groups for source-nat. I do nat the source-IP in the same VIP as the content rule.
How can i archive this also for the ACE?
I'm missing somthing line "nat client" how it is working on the CSM.
2)
Also i have a general Question about NAT on the ACE.
I have an enviroment where i have many VIPs pointing do my different servers.
If a client is accessing the VIP there is only a destination NAT done by the content rule loadbalancing.
For all Connections which are initiated from the servers i do a NAT/PAT into a group.
"clause 100 permit any nql servernet destination any sourcegroup nat-out"
Can the Ace handle this similar, so that only connections from inside are translated?
Sven
11-24-2006 03:51 AM
1/ with ACE, you define a natpool under the interface that will be used to reach the server.
Then, you assign the natpool to your policy map.
ie:
interface vlan 30
natpool 1 172.16.1.10 172.16.1.15 netmask 255.255.255.0
policy multimatch SLB1
class VIP122
nat dynamic 1 vlan 30
2/ you can use a different policy-map for your internal interface where you do nat. And on the external interface you have a policy with no nat.
Gilles.
11-28-2006 01:39 PM
Great, but now i have another question.
It is about Cookies and Stickyness, very complex:
On CSS i can have a cookie like this:
"Cookie: hrz-server1!sessionid=189545484f9u85"
"Cookie: hrz-server2!sessionid=289545484f9u85"
....
"Cookie: hrz-server6!sessionid=685u4895454u85"
and Search for the prefix "hrz-" searching the cookie String
"server1"
"server2"
...
"server3"
to determine the right server and end up with a eos Char of "!".
On The Ace, i have to tell, how the cookie is named, but the Name of the cookie itself differs more than tow times. I think the name of thee cookie is
"hrz-server1!sessionid"
"hrz-server2!sessionid"
...
"hrz-server3!sessionid"
Is this right, that the ACE searchs the name of the cookie, or does it work like the prefix on the css and is not correctly documented?
Any Idea how i can stick the client to the right Server using a cookie like here with the ACE Module?
Sven
11-29-2006 02:31 AM
Sven,
here is how you have to do it with ACE:
class-map type http loadbalance match-all hz-server1
2 match http header Cookie header-value ".*server1.*"
Do the same class-map for each of the server.
Then create a policy like this
policy-map type loadbalance first-match LB-L7
class hz-server1
serverfarm server1
class hz-server2
serverfarm server2
class class-default
serverfarm linux1
Gilles.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: