Buy or Renew
Buy or Renew
Cisco + Splunk: Itā€™s a new day for your data. Learn more.
Ā 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
449
Views
0
Helpful
1
Replies

CSS - Backend server with Multiple interfaces

rajesh.perumalla
Level 1
Level 1

ā€Ž02-24-2010 07:08 PM

Hi,

I am having setup with a single server with multiple interfaces common routing table configured in the same vlans behind the CSS.

CSS front end - 10.2.1.0/24

CSS back-end - 10.3.1.0/25

The server interfaces are in diferent vlan (10.5.1.0/24) to that of the  CSS and configured as the services in the CSS and defined group definition

for performing SNAT.

How does the CSS behave if the traffic to and from the server is comming from the different interfaces.

Thanks

Raj

Labels:
0 Helpful
1 Reply 1

busterswt
Level 1
Level 1

ā€Ž02-26-2010 05:30 AM

If I'm understanding your configuration correctly, traffic destined to a VIP on the CSS that contains services in the 10.5.1.0/24 VLAN would likely be routed back out the front-side of the CSS (or wherever the default route goes) if the CSS is not IP'd from the 10.5.1.0/24 subnet. Or, you can have a static route to the 10.5.1.0/24 subnet on the CSS to go out the backend interface.

Are you using 'add destination service' in your source group rule? If so, the CSS will NAT the client's address as whatever address you have specified in the group rule, and then send traffic to the service chosen for load balancing. The return traffic would then come back to the CSS, the NAT reverted, and then sent back to the client. Because of this, you'll never see the true client source IP on your server. Only the IP specified in the group rule.

If I am misunderstanding your config let me know.

James

0 Helpful
Customers Also Viewed These Support Documents