Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
347
Views
0
Helpful
2
Replies

CSM-BridgeMode with Multiple client-server vlan pairs

javiercastro
Level 1
Level 1

‎08-20-2008 03:49 PM

I am currently running a CSM (bridge mode) with the following configuration:

vlan 110 client

ip address 192.168.223.131 255.255.255.192

gateway 192.168.223.129

!

vlan 223 server

ip address 192.168.223.131 255.255.255.192

!

serverfarm HTTPSFARM

nat server

no nat client

real 192.168.223.136

inservice

real 192.168.223.137

inservice

!

vserver HTTPSVIP

virtual 192.168.223.135 tcp https

serverfarm HTTPSFARM

persistent rebalance

inservice

!

The CSM is running "behind" a FWSM installed in the same 6500, therefore vlan 110 corresponds to DMZ configured in the firewall. The gateway configured under vlan-client 110 is the IP address of the DMZ interface, FWSM is in charge of routing traffic out of the 6500. Everything is working fine.

I had to move two servers to a different DMZ in the same FWSM and now I need to load balance between them. Is it possible to configure a new client-server vlan pair in order to accomplish it? What about the gateway configuration? Should I configure the IP address of the new DMZ in this new client vlan?

I have been reading about some issues with CSM routin in presence of more than one gateway configured.

Thanks for your cooperation.

Labels:
0 Helpful
2 Replies 2

Syed Iftekhar Ahmed
Level 8
Level 8

‎08-20-2008 04:35 PM

You can have multiple pairs of vlan in bridge mode.

Since you will be using bridge mode (Where CSM doesnt route) there shouldnt be any routing issues. The gateway command in bridge mode doesnt route the server traffic. In bridged mode it is used for management traffic (tftp, probe, ping etc...) and when server farm is configured with "predictor forward".

Adding gateway command under vlan config helps CSM to proactively learn MAC address of the gateway. For this reason I would recommend using gateway under vlan config (even if it is not used for routing by CSM).

In routed mode (when CSM is defined as Real server's default gateway) then gateway command is used by CSM for routing the server traffic.

The issues you have read are probably related to routed mode.Multiple client vlans in "routed mode" (where you are using multiple gateways on different vlans)can cause routing issues for server originated connection.

Syed

0 Helpful

javiercastro
Level 1
Level 1
In response to Syed Iftekhar Ahmed

‎08-21-2008 06:19 AM

Many thanks my friend!

0 Helpful
Customers Also Viewed These Support Documents