The answer is no, but the proper way to do it is yes.
Because virtuals are generally public ips, most people have a private network for their servers. However, with the CSS being used in alot of internal applications for internal users, we see many instances where the VIP and internal servers are on the same subnet (vlan)
Please keep in mind here that one major drawback to doing this is that client sessions need to see the return packet from the CSS come back with a source of the VIP, and if the backend servers (being on the same vlan as a client) respond back to the client thereby bypassing the CSS, the client session will reset as an asymetric flow. We see alot of this and find that people need to setup NATing on the CSS to NAT all server responses to that of the VIP address to guard against asymetric flows.
Thanks for your help. One more question, does the Content Switch forward MAC Addresses to Catalyst Switches so that users can still communicate with the individual servers? I'm trying to avoid having to change the server IPs or having to put static routes in my routers.
Moquery is the command line cousin of Vizore, it's very helpful and efficient sometimes during the troubleshooting. This article aims to provide moquery cheat sheet to the users for some most common seen scenarios.
Here is the checklist before customers/partners contact Cisco TAC:
Firmware Version of APIC and Switch
Download Switch and APIC techsupport logs
Problem description (Symptoms with details)
Business impact (eg, what kind of services...
moquery usageAPIC moquerySwitchmoquery
This document discuss a common issue observed during the VMM integration & VM workload migration to ACI fabric.
VMware Virtual machines are hosted in Cisco UCS-B seri...