Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

CSS services running on remote switches.

Is it possible to get a CSS switch to load balance servers that are not directly connected. I have tried to do this for Web servers but without success. If the servers are directly connected it works fine, but if they are connected to a layer 2 switch, the CSS sees the services as alive, but no connection is established.

Is there something I am over looking?

1 REPLY
Cisco Employee

Re: CSS services running on remote switches.

Yes, it is possible to have the servers not connected to the CSS itself. The important thing here is that depending on your desing this may cause an asymetric floe, since the server response will bypass the CSS.

If you are not doing source NATing on the CSS, then the server is seeing the real client?s IP as the source IP, so it will try to respond directly to the client and will do it thru the layer 2 switch.

Since the client sent a request to the VIP on the CSS, when sees the response from the server will drop the packets.

You can configure source NATing on the CSS to prevent this issue.

Configure a group and use add destination service to add the servers, like this

group test

vip address 192.168.1.1

add destination service server1

add destiantion service server2

active

If you do not want the source NATing option, you can configure the servers to point to the CSS as their default gateway, that should prevent the asymmetric flow as well.

Hope it helps!!

123
Views
0
Helpful
1
Replies
CreatePlease to create content