Hello ... my question is similar to one posted recently. But I still cannot understand the reason.
Our customer has a CSS x 2 with SCAs x 2 in a one-arm Proxy (transparent) operation.
Currently we have 3 default routes as suggested in CCO.
1 for upstream router (pointing to customer networks)
2 for the SCAs
We have defined the Service on the CSS pointing to the SCAs with type transparent-cache.
I don't understand why a box would need 3 default routes (surely this will not work normally?)
The configuration seems to work OK with one major drawback.
There seem to be a lot of problems with traffic coming from the user sites using apps ... the only workaround I have found for this is to add a static route for each remote network we want to connect to.
This is obviously VERY ANNOYING for the customer as they are expecting the CSS to default route packets to their WAN instead of having to keep raising change requests to add routes.
Please could anyone explain why this needs to happen - or is there something I am missing here?
Could the default routes to the CSSs be replaced with something else? I am currently nervous about proposing this without something to back up my theory.
The default routes are required for ecmp - prefer egress route to work [this is because when spoofing client IP on the SCA, the SCA is using the client IP address, so when the server responds to the client, the CSS needs to forward the response to the SCA and not the client].
As you mentioned this is a problem for some traffic.
One solution is to use an ACL to match these types of traffic and use a 'prefer ' clause.