The ACE20-MOD-K9 have the functionality to do translations for ports, that is, for example, that a request received on port 443 is sent to the server on port 8443,and what would be the impact to the current context NAT configurations?
There is functionality to accommodate digital certificates balancers and not on the servers? and resource impact of this?
At this moment we work with persistence on a class C subnet mask, what would be the impact of CPU and memory if we apply the persistence on a host mask?
Have any impact on resources create a persistence settings for cookies?
Even if there is no NAT configured, if you configure rserver with port under serverfarm, when your request is received on VIP, ACE will forward the request back to rserver on port which have you specified in serverfarm. It has nothing to do with NAT. May be you can elaborate your question a bit.
SSL termination will take the load off of servers so that ACE does the SSL handshake and takes care of encryption and decryption processes. It has its impact on performance but depends upon the usage and capacity. I would recommend going through the performance guide for the same and it holds true for your other questions as well.
It depends how much ACE is already being used and how much you are planning to add. This is something you should plan and read ACE capacity/performance specifications and configure accordingly. I cannot give you any concrete numbers. You can check data sheets and other guides.
If you configure a network mask other than 255.255.255.255 (/32), the ACE module may populate the sticky entries only on one of its four/two network processors which may reduce the number of available sticky entries by 25/50 percent. This reduction in resources may cause problems when heavy sticky use occurs on the ACE module.
So it is better to use to 255.255.255.255. as the mask for optimal performance.
Topology & Design:
Two ACI fabrics
Stretching VLANs using OTV
Both fabrics are advertising BD subnets into same routing domain
Some BDs(or say VLANs) are stretched, but some are not.
Endpoints can move betwee...
VMware Trunk Port Group is supported from ACI version 2.1
VMM integration must be configured properly
ASA device package must be uploaded to APIC
ASAv version must be compatible with ACI and device package version
Topology &Design:Traffic flow within same fabric:Endpoint moves to Fabric-2Bounce Entry Times OutTraffic Black-holedSummarySolutionAppendix:
In the Previous articles of ACI Automation, we are using Postman/Newman a...