Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
492
Views
4
Helpful
3
Replies

CSS - Configs

sundarr
Level 1
Level 1

‎01-20-2006 01:54 AM

Hi

Have some basic queries rleated to CSS configuration.

Total two sites are present in the network and both sites are having CSS.

In a Cluster environment, one server is connected to 1st network CSS and VIP is being assigned and second server is connected to 2nd network CSS and VIP is being assigned.

What are the basic configuration parameters one should consider for doing load balancing between these two servers.

( 1st Server NA request should get go to the 2nd Server) Also have to configure Source NAT compared to Destination NAT which is default in CSS.

regards

R.Sundara Rajan

Labels:
0 Helpful
3 Replies 3

Gilles Dufour
Cisco Employee
Cisco Employee

‎01-20-2006 02:11 AM

what you need is something like this

server local

ip x.x.x.x

active

server remote

ip x.x.x.x

active

owner XXXXX

content xyz

vip x.x.x.x

add service local

primarysorryserver remote

active

!

group xyz

vip x.x.x.x

add destination service remote

[add destination service local]

active

The group is to nat the source ip to guarantee that the response from the remote server will come back to this css, so it can be forwarded to the client after doing reverse nating of the vip address.

If you are in one-armed mode, you may also need to do client nat for the local server.

Finally, if your traffic is http only, you could configure 'service remote' as an HTTP redirect to the remote vip.

This will avoid traffic having to go from one site to the other.

You can find easily on this website sample config for css http redirect configuration.

Regards,

Gilles.

Thanks for rating this answer.

sundarr
Level 1
Level 1
In response to Gilles Dufour

‎01-20-2006 02:51 AM

Hi Gilles,

Thanks for responding to my query.

Can you brief more on the below ---

If you are in one-armed mode, you may also need to do client nat for the local server---

Traffic can be any request in the network. It cannot be assured of only a HTTP traffic .

regards

R.Sundara Rajan

0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to sundarr

‎01-20-2006 05:40 AM

if you are in one-armed mode, the CSS, the servers and the gateway are all in the same subnet and the response from the server may bypass the CSS.

Therefore, one solution usually implemented is to do client nat on the css which will force the servers to respond to the CSS.

If you want to do this, you need the command that I added under bracket previously 'add destin service local'.

Regards,

Gilles.

0 Helpful
Customers Also Viewed These Support Documents