CSM - Server to Server

m-poole · ‎03-24-2006

I'm having several issues trying to configure a CSM, positioned in a Cat 6509.

I believe our configuration is "one-armed" based on advice from our SE, though I've deviated so much from our initial config this may not still be the case!

As a simple test before rolling out we have set up telnet servers in one of our Server VLANs. We have found the following:

1. Users in other VLANs can connect OK at all times. In outputs these users are in 172.16.100.x

The following two symptoms appear to switch, with only one working at any time:

1. Servers in the same VLAN as the Telnet servers sometimes work. Servers in subnet 172.16.99.x

2. The servers operating as Telnet servers sometimes work. Server in output is 172.16.99.190

The setup is as per the doc CD - http://makeashorterlink.com/?Y14031ADC

I suspect the issue is related to NAT - it can be seen from the "show mod csm x conns" command that the connection not working is not being PAT'd - both TX and RX use port 1124.

Attached is my config and the output of a couple of show commands.

Thanks in advance.

Gilles Dufour · ‎03-24-2006

Your config looks good on the CSM.

The problem is that server 172.16.99.190 comes in on vlan 40 while server 172.16.99.194 comes in on vlan 11.

When coming on vlan 11, the traffic is correctly nated.

So, the question is why is server 172.16.99.190 coming on vlan 40 ???

What is the route from 172.16.99.190 to 172.16.102.2 ??

What is the default gateway for this server ?

Is it the CSM ?

Check your server routing and make sure traffic comes in on vlan 11 and you should be all set.

Gilles.

m-poole · ‎03-27-2006

Thanks for the response.

Your post prompted me that I was heading away from the original requirement - one armed design, The Default Gateway for servers is the MSFC.

I've stepped back a few stages and applied a nat pool and "client nat", then everything starts to work.

There wasn't any mention in the Data Centre CSM design guide of a requirement for NAT.

Thanks again.

m-poole · ‎03-27-2006

If it is of value my final config is below:

module ContentSwitchingModule 1

variable ROUTE_UNKNOWN_FLOW_PKTS 2

!

ft group 1 vlan 4

priority 20

preempt

!

vlan 40 server

ip address 172.16.96.67 255.255.255.248

gateway 172.16.96.70

alias 172.16.96.69 255.255.255.0

!

natpool CSM_ALIAS 172.16.102.2 172.16.102.2 netmask 255.255.255.0

!

probe PING icmp

interval 2

retries 1

failed 2

!

serverfarm FORWARD

no nat server

no nat client

predictor forward

!

serverfarm TELNET

nat server

nat client CSM_ALIAS

real 172.16.99.190

inservice

real 172.16.99.191

inservice

probe PING

!

vserver CATCHALL

virtual 0.0.0.0 0.0.0.0 any

serverfarm FORWARD

persistent rebalance

inservice

!

vserver TELNET

virtual 172.16.102.2 tcp telnet

vlan 40

serverfarm TELNET

advertise active

persistent rebalance

inservice

!

ip access-list extended CSM-ACL

permit tcp any any eq telnet

!

route-map CSM-POLICY permit 10

match ip address CSM-ACL

set ip default next-hop 172.16.96.69

!

interface vlan 11

ip policy route-map CSM-POLICY