Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Bronze

Newbie needs CSS setup help

Hi there. First, I'm brand new to the world of CSS, trying to move up from a pair of old localdirectors.

I'm attempting to setup two CSS 11501's in a HA configuration, and I want to have a load balanced address (VIP address?) in the same subnet as the servers that will be load-balanced.

I also want the CSS's to be redundant, but I'm not sure which method-- box2box, or ASR, or VIP reduncancy -- is right for my desired setup.

Can anyone out there give some advice for this setup?

Thanks in advance,

--Brandon

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Newbie needs CSS setup help

1 virtual-router can be used for multiple VIP.

So, you can get rid of virtual router 2.

You have configured a one-armed setup.

So, you have to make sure all traffic goes back to the CSS.

One-armed seems easy to deploy because it does not require readdressing servers/routers.

However, it requires a lot of attention to make sure the traffic goes back to the CSS and that there is no asymetric routing.

If you can, you should consider a different solution with a client vlan and a server vlan.

Gilles.

6 REPLIES
Cisco Employee

Re: Newbie needs CSS setup help

I would not chose box-to-box redundancy because the failover time is around 40sec compare to the 4 sec for vip redundancy.

ASR is something you add on top of vip redundancy if you want to have stateful failover. This is not mandatory.

Your config seem to be pretty basic, so you should be able to find a lot of sample configs on this website.

Gilles.

Bronze

Re: Newbie needs CSS setup help

Thanks for your respone Gilles. I have a follow up question:

Is it standard practice to have both incoming and returning traffic routed through the CSS? In my current setup, the default gateway on the load-balanced servers is the same as the non-load-balanced machines.

The reason I ask is because I don't see how to configure the redundant IP for the Content groups. I can see how to configure redundancy for the VLAN circuit, but I don't think that's what I necessarily want. I only need redundancy in the content group ip.

Also, should the servers be plugged direclty in to the CSS or can they be be plugged into the main distribution switch?

Thanks again,

--Brandon

Cisco Employee

Re: Newbie needs CSS setup help

Brandon,

the servers can be attached to a switch.

As long as there is a path between servers and CSS it is fine.

For redundancy, you do vip redundancy on the client side, where traffic is coming in and you do interface redundancy on the server side.

You use the redundant interface ip address as the default gateway for the servers. This works like HSRP in the router world.

The CSS MUST see the response from the server to perform the reverse-nating server -> vip.

Regarding the traffic going through the CSS, it is recommended to avoid sending useless traffic through the CSS.

If you can move unecessary servers to a different vlan or simply configure them to use a different gateway, that would be best.

Gilles.

Bronze

Re: Newbie needs CSS setup help

Thanks again for all your help. I think I've got a config ready that will work and provide the HA that we require.

I've included the non-descrip version of the config below. Can you let me know if you see anything that will cause any major problems?

Non-descrip version

!*************************** GLOBAL ***************************

app

app session 192.168.0.2

ip route 0.0.0.0 0.0.0.0 10.0.0.1 1

!************************* INTERFACE *************************

interface e8

bridge vlan 2

!************************** CIRCUIT **************************

circuit VLAN1

ip address 10.0.0.10 255.255.255.0

ip virtual-router 1 priority 101 preempt

ip virtual-router 2 priority 101 preempt

ip redundant-interface 1 10.0.0.12

ip redundant-vip 1 10.0.0.201

ip redundant-vip 2 10.0.0.203

ip critical-service 1 upstream_switch

ip critical-service 2 upstream_switch

circuit VLAN2

description "CSS-CSS Link"

ip address 192.168.0.1 255.255.255.0

!************************** REPORTER **************************

reporter r1

type vrid-peering

vrid 10.0.0.10 1

vrid 10.0.0.10 2

active

!************************** SERVICE **************************

service server1

ip address 10.0.0.40

port 9999

active

service server2

ip address 10.0.0.41

port 9999

active

service server3

ip address 10.0.0.42

port 9999

active

service server4

ip address 10.0.0.43

port 9999

active

service upstream_switch

ip address 10.0.0.2

active

!*************************** OWNER ***************************

owner Owner1

content Group_1

protocol tcp

port 9999

add service server1

add service server2

vip address 10.0.0.201

balance weightedrr

active

owner Owner2

content Group_2

protocol tcp

port 9999

add service server3

add service server4

vip address 10.0.0.203

balance weightedrr

active

Cisco Employee

Re: Newbie needs CSS setup help

1 virtual-router can be used for multiple VIP.

So, you can get rid of virtual router 2.

You have configured a one-armed setup.

So, you have to make sure all traffic goes back to the CSS.

One-armed seems easy to deploy because it does not require readdressing servers/routers.

However, it requires a lot of attention to make sure the traffic goes back to the CSS and that there is no asymetric routing.

If you can, you should consider a different solution with a client vlan and a server vlan.

Gilles.

Cisco Employee

Re: Newbie needs CSS setup help

Brandon,

Here's a sample CSS config:

http://www-search.cisco.com/en/US/products/hw/contnetw/ps792/products_configuration_example09186a008016c8e5.shtml

Here's a document that describes the migration from LD to CSS:

http://www-search.cisco.com/en/US/products/hw/contnetw/ps792/products_white_paper09186a00801bd4ae.shtml

Regarding the redundancy portion it really depends on your requirements.

1) Box-to-box is similar to the LocalDirector's failover mechanism in that only one box is actually recieving traffic at a time

2) ASR is useful if you need to replicate connections to the backup box (LocalDirector had similar behavior with the 'replicate' option)

3) vip and interface redundancy can be useful if you have a more complex setup where you might want to perform an active-active

You can read more about these different types here:

http://www.cisco.com/univercd/cc/td/doc/product/webscale/css/css_750/redundgd/index.htm

Good luck.

-Chip

131
Views
15
Helpful
6
Replies
CreatePlease login to create content