We have many server farms,where will be connected many clients and server farms will be connected to each other via virtual IP. And we want to do next design:
all servers're connected to catalyst 6500 and CSS connect to 6500 on one-armed design. For each server farm we create own subnet and own VLAN. But all these vlans we are configure on CSS, not on 6500. 6500 for these vlans will be as Layer2 switch. So all traffic to and from servers and between vlans will must go through CSS and CSS will be route it (not 6500). So we dont need configure SNAT for correct traffic. Is this design working? Or we're lose sight of smth?
> You could also have the client vlans routed by the MSFC and the server vlan routed by the CSS and 1 vlan between CSS and MSFC for routing between clients and servers.
Gilles, It also is that design which we wish to apply.
Of cause we didnt want to route all vlans by CSS, only servers. Just we have CSS11503,cat6k and a lot of servers and a need to create a lot of server farms,which can communicate with each other via VIP and with clients from far nets. Therefore we have found this design the best.
As to policy routing...if we have one subnet for all server farms, policy routing not help in traffic between servers must go through CSS. if we have separate subnets for each farm, policy routing not change situation and traffic to and from servers will be routed by CSS (and also by cat6k). Or I dont understand correct what you want to say?
Why do you need native HA: The native HA feature allows two Cisco DCNM
appliances to run as active and standby applications, with their
embedded databases synchronized in real time. Therefore, when the active
DCNM is not functioning, the standby DCNM will...
This document will provide screenshots to outline the steps to setup
TACACS+ configuration to ACI and also the configuration required on
Cisco ACS server. Please find the official Cisco guide for configuring
TACACS+ Authentication to ACI:
Is it supported or NOT supported? It's a frequently asked question.
Before APIC, release 2.3(1f), transit routing was not supported within a
single L3Out profile. In APIC, release 2.3(1f) and later, you can
configure transit routing with a single L3Out pr...