Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Load balancing between servers in the same segment

I want to configure this type of balance:

Web servers that need to access the application server:

Web1     10.231.1.9/26

Web2     10.231.1.19/26

Application servers (real servers):

App1     10.231.1.8/26

App2     10.231.1.18/26

As you can see, they are on the same network segment.

I think there might be 2 ways:

1) Use a virtual IP from this 10.231.1.64/26 segment

2) Use a virtual IP from another segment directly connected to the ACE.

I have tried the way number 2 and it is not working. I think the problem in the second case is that when the app servers receive the packets and want to return them, because the destination is a network there they are directly connected, the returning packet wont pass through the ACE.

Is there a way to make a "nat" or you recommend me to try the first method?

Thanks for your help!

Everyone's tags (4)
1 REPLY
Cisco Employee

Load balancing between servers in the same segment

Hi,

You can source NAT the traffic being forwarded from ACE(ACE will replace  the web server IP to a NAT POOL IP owned by ACE) to APP servers and that way APP servers won't return the traffic directly to web servers.

Pasting a config example for your reference:

     ==========================================================================
     One-Armed Load Balancing with VIP, Servers, & NAT Pool on the Same Subnet
     ==========================================================================


login timeout 0

access-list ANYONE line 10 extended permit ip any any

rserver host SERVER_01
  ip address 192.168.1.11
  inservice
rserver host SERVER_02
  ip address 192.168.1.12
  inservice
rserver host SERVER_03
  ip address 192.168.1.13
  inservice

serverfarm host REAL_SERVERS
  rserver SERVER_01
    inservice
  rserver SERVER_02
    inservice
  rserver SERVER_03
    inservice

class-map match-all VIP-30
  2 match virtual-address 192.168.1.30 tcp eq www

class-map type management match-any REMOTE_ACCESS
  description remote-access-traffic-match
  2 match protocol telnet any
  3 match protocol ssh any
  4 match protocol icmp any

policy-map type management first-match REMOTE_MGT
  class REMOTE_ACCESS
    permit

policy-map type loadbalance first-match SLB_LOGIC
  class class-default
    serverfarm REAL_SERVERS

policy-map multi-match CLIENT_VIPS
  class VIP-30
    loadbalance vip inservice
    loadbalance policy SLB_LOGIC
    loadbalance vip icmp-reply active
    nat dynamic 1 vlan 451

interface vlan 451
  description Servers vlan
  ip address 192.168.1.2 255.255.255.0
  access-group input ANYONE
  service-policy input CLIENT_VIPS
  nat-pool 1 192.168.1.10 192.168.1.10 netmask 255.255.255.0 pat
  no shutdown

ip route 0.0.0.0 0.0.0.0 192.168.1.1


Let me know if you have any questions.

Regards,
Kanwal
619
Views
0
Helpful
1
Replies
CreatePlease login to create content