Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

CSS- traffic orignating from real server + Virtual interface

Hi all,

I am designing a solution at the moment, in which I shall have 2 servers behind a pair of CSS & their default gateway will be the Virtual Interface ip address of CSS.

Is there any problem forseen in traffic getting initiated from the server to any other subnet in the network and the return traffic to the server.

Servers shall connect to a pair of 3750 being used as L2 in stack .

The Stacked 3750's shall be placed below the CSS pair & the CSS pair shall further connects to a single 6509 upstream....

Each 3750-L2 connects single port to each CSS

(3750-L2-1 to CSS1 &

3750-L2-2 to CSS 2)

Both CSS connect to the SINGLE 6509 on diff blades. for better redundency.

The CSS shall not be connected to each other directly.

Both 3750-L2 connect to each other as well

IIS-1---L2_Sw1---CSS1---6509---Othr_Subent

IIS-1---L2_Sw2---CSS2---6509---Othr_Subent

Note: I shall have VIP/Virtual Interface config on my CSS's.

Appreciate validation and recomendations on this design.

Many Thanks,

gagan

2 REPLIES
Cisco Employee

Re: CSS- traffic orignating from real server + Virtual interface

Gagan.

Perfect. No worries there.

This is the most frequent and I would say most reliable design.

Gilles.

New Member

Re: CSS- traffic orignating from real server + Virtual interface

Hi Gilles,

Many thanks for the confirmation.

***************************

Request verification on the below as well~

1. With the above scenario; I do not require any group (NAT) configuration, either for my servers initiating traffic for going out or for clients hitting the VIP to reach servers. The client & server shall be in diff VLAN?s of course.

2. With VIP & Virtual Interface configuration & couple of server VLAN's below on server side, I should be able to use both the gigabit interfaces on the 11503 to connect up and down stream as TRUNK. I mean to ask Virtual intf. & VIP has no problems working on the same TRUNK interface?

3. I understand that Fate sharing and critical service helps full failover (client & server side).

As an upstream router or L3 switch fails or the upstream connecting gigabit interface on CSS fails, the failover happens.

Will the same be applicable to downstream L2 switch & CSS interface failure? If any of these on the downstream fails will the CSS failover to the standby unit.

I think this above should work, just need confirmation coz I have not done this before.

Thanks a lot again,

Gagan

155
Views
5
Helpful
2
Replies