Is it possible to configure the CSS11051 to balance http servers behind a firewall cluster?
We put the CSS in a proxy zone of our Symantec Enterprise Firewall Cluster to balance our direct attached SSL Terminators. Now we want to balance the webservers on the internal LAN of the firewall cluster based on Rainwall. It works, but if we shut down the firewall with the virtual IP something strange happens:
1. The services are up and I can see the keepalives going through the other firewall but the packets with the payload still going to the MAC Address of the broken firewall.
Is the service designed to use MAC Adresses and not to look in the ARP Table and why work keepalives different ?
Are these new connections? or Do you see the CSS forwarding new SYNs to the old MAC? What version?
CSCdy46189 When a Gratuitous ARP (GARP) was received the CSS would not update existing flows with the new MAC and thus existing flows would be sent from the CSS would the incorrect MAC and be dropped. Only new flows and new keepalive requests were using the updated ARP information.
after updating the IOS I can still see the old Mac-Address in the requests to the firewall. Also new connections to the content use the old Mac but the Arptable is up to date and the service checks are positiv. Why are the services alive while connects to the service fail, using the old Mac.
The unmanaged mode is also known as Network only switching, which is introduced in Brazos release. It adds the flexibility for customer to use only network automation for service appliance.
If a device is configured a...
Usually, we can access ESXi Shell by pressing Alt+F1 from ESXi DCUI (Direct Console User Interface).
But on HyperFlex system, it just shows black window.
This is expected behavior because HyperFlex redirects ESXi Shell output to SoL...
Configuring an Export Policy Using the GUI
This procedure explains how to configure an Export policy using the APIC GUI. Follow these steps to trigger a backup of your data:
On the menu bar, choose Admi...