Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

SLB with PBR for Transparent Proxy

Don't know if this is even possible, so I am looking for anyone with the know how to either confirm or deny if my setup is correct, or if I need to readjust my thinking.

I am attempting to set up a transparent squid-cache server for about 1000 users. I am juggling between WCCP (though I have had some performance issues that I didn't see using PBR in a test environment) and PBR, but if I decide on PBR, would like some of the level of redundancy and load-balancing the WCCP allows.

My question I guess then is, can I policy route www traffic to a virtual server ip address and rely on SLB do balance between the real ips I set up in my serverfarm? I have been attempting this configuration on a 6509 with no success.

This is what I have done so far:

Configured ACL to define traffic for route-map

Route map matches created ACL and sets next hop to that of the virtual server configured in slb.

Applied policy map inbound on vlan interface.

SlB - defined serverfarm, real ips, vserver with tcp port 80. Linked vserver IP to serverfarm.

This is what is working:

If I manually configure my browser to use the virtual servers IP address with port 80, it works great. SLB forwards the packets between my 2 squid servers and I see entries into the access.log. If in my route-map statement I set next hop to that of one of the physical interfaces of my squid servers, again, everything works fine, but if the next-hop statement is that of vserver ip, It seems to just route the traffic to the vserver IP address as an extra hop, but never gets to my cache servers. Please help if you have any advice. Thanks so much.