I am using the router mode load balancing. I checked the documentation and found that the VIP (virtual serer IP) is always the IP address on the Client vlan. The only time i saw the VIP on the server LAN is when we are using Direct Access.
My question is can we use a virtual ip address on the Server LAN and load balance it to few real servers in the same Server LAN and with NAT of course.
Yes, you can configure VIPs in the server VLAN IP subnet, there are no problems: as you say, the only thing to keep in mind is that if source and destination devices are on the same L2 domain, you need to use source NAT to make sure that return traffic does not bypass the CSM.
An example of VIP in a server VLAN can be found here:
Also, you might want to configure the vserver with the "vlan" option so that you limit the VLAN from which the devices can connect to that vserver.
As a side note, keep in mind that virtual servers (VIPs) on the CSM can be in any IP subnet, including subnets that are not configured on the CSM itself (in this case, the adjacent device needs to have a route of some sort pointing to the CSM.
Topology & Design:
Two ACI fabrics
Stretching VLANs using OTV
Both fabrics are advertising BD subnets into same routing domain
Some BDs(or say VLANs) are stretched, but some are not.
Endpoints can move betwee...
VMware Trunk Port Group is supported from ACI version 2.1
VMM integration must be configured properly
ASA device package must be uploaded to APIC
ASAv version must be compatible with ACI and device package version
Topology &Design:Traffic flow within same fabric:Endpoint moves to Fabric-2Bounce Entry Times OutTraffic Black-holedSummarySolutionAppendix:
In the Previous articles of ACI Automation, we are using Postman/Newman a...