Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1142
Views
0
Helpful
3
Replies

Loadbalancing 2 and routing 1 server

Go to solution
steve switzer
Level 1
Level 1

‎05-30-2012 03:22 AM - edited ‎03-01-2019 07:07 AM

Hi      All

Thanks to some help from marcel I have managed to set up a test loadbalancing environment.

However my plan was to have 2 servers loadbalanced and one just straight routed.

This doesnt work with my current setup - which is as follows -

admin context -

boot system image:c4710ace-mz.A4_2_0.bin

interface gigabitEthernet 1/1
  switchport trunk allowed vlan 121
  no shutdown
interface gigabitEthernet 1/2
  switchport access vlan 1000
  no shutdown
interface gigabitEthernet 1/3
  switchport trunk allowed vlan 122
  no shutdown
interface gigabitEthernet 1/4
  shutdown

access-list ALL line 8 extended permit ip any any
class-map type management match-any remote_access
  2 match protocol xml-https any
  3 match protocol icmp any
  4 match protocol telnet any
  5 match protocol ssh any
  6 match protocol http any
  7 match protocol https any
  8 match protocol snmp any

policy-map type management first-match remote_mgmt_allow_policy
  class remote_access
    permit

interface vlan 1000
  ip address xx.xx.253.20 255.255.255.0
  access-group input ALL
  service-policy input remote_mgmt_allow_policy
  no shutdown

context Testing-11
  description Testing Context
  allocate-interface vlan 121-122
  allocate-interface vlan 199-342
  allocate-interface vlan 1000

Testing context -

access-list EVERYONE line 8 extended permit tcp any any
access-list INBOUND line 1 extended permit tcp host  xx.xx.253.4 any

rserver host TEST-1
  ip address xx.xx.122.200
  inservice
rserver host TEST-2
  ip address xx.xx.122.201
  inservice
rserver host TEST-3
  ip address xx.xx.122.3
  inservice

serverfarm host TESTFARM
  rserver TEST-1
    inservice
  rserver TEST-2
    inservice


class-map type management match-any REMOTE-ACCESS
  2 match protocol icmp any
  3 match protocol telnet any
  4 match protocol ssh any
  5 match protocol https any
  6 match protocol http any
  7 match protocol xml-https any
class-map match-all VIP-150
  2 match virtual-address xx.xx.121.150 any
class-map match-all slb-vip
  2 match virtual-address xx.xx.121.150 any

policy-map type management first-match MGMT_TEST
  class REMOTE-ACCESS
    permit

policy-map type loadbalance first-match lb-logic
  class class-default
    serverfarm TESTFARM

policy-map multi-match CLIENT-VIPS
  class VIP-150
    loadbalance vip inservice
    loadbalance policy lb-logic

interface vlan 121
  description Clients
  ip address xx.xx.121.10 255.255.255.0
  access-group input EVERYONE
  service-policy input CLIENT-VIPS
  service-policy input MGMT_TEST
  no shutdown
interface vlan 122
  description Servers Vlan
  ip address xx.xx.122.10 255.255.255.0
  access-group input EVERYONE
  service-policy input MGMT_TEST
  no shutdown
interface vlan 1000
  ip address 10.14.253.21 255.255.255.0
  service-policy input MGMT_TEST
  no shutdown

ip route 0.0.0.0 0.0.0.0 xx.xx.121.1

Like i said TEST-1 and TEST-2 are loadbalancing ok

but i cannot get to the webserver TEST-3 ehich is not

supposed to be loadbalanced.

Thanks in advance

Steve

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marcel Zehnder
Spotlight
Spotlight

‎05-30-2012 04:03 AM

Hi Steve

Theres no need to configure the third server on the ACE if you just want to route traffic to it:

no rserver host TEST-3

You may also change your ACL:

no access-list EVERYONE line 8 extended permit tcp any any

access-list EVERYONE extended permit ip any any

-Check the configuration of your Server TEST-3. Is xx.xx.122.10 configured as the default-gateway on your server?

-On your device with the IP xx.xx.121.1 (it's a router/layer 3 switch or a firewall, I think) do you have a route for your server subnet pointing to the ACE (ie ip route xx.xx.122.0 255.255.255.0 xx.xx.121.10)?

Maybe there is a layer 2 issue - your server TEST-3 is configured in vlan122, right? Could you please post the following outputs from your ACE:

show arp

show ip route

Regards

Marcel

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Marcel Zehnder
Spotlight
Spotlight

‎05-30-2012 04:03 AM

Hi Steve

Theres no need to configure the third server on the ACE if you just want to route traffic to it:

no rserver host TEST-3

You may also change your ACL:

no access-list EVERYONE line 8 extended permit tcp any any

access-list EVERYONE extended permit ip any any

-Check the configuration of your Server TEST-3. Is xx.xx.122.10 configured as the default-gateway on your server?

-On your device with the IP xx.xx.121.1 (it's a router/layer 3 switch or a firewall, I think) do you have a route for your server subnet pointing to the ACE (ie ip route xx.xx.122.0 255.255.255.0 xx.xx.121.10)?

Maybe there is a layer 2 issue - your server TEST-3 is configured in vlan122, right? Could you please post the following outputs from your ACE:

show arp

show ip route

Regards

Marcel

0 Helpful

Go to solution
steve switzer
Level 1
Level 1
In response to Marcel Zehnder

‎05-30-2012 07:23 AM

hi maur.........marcel ;-)

Thanks again - i now have 3 web servers set up -

can talk to one via routing and the other 2 are supposed

to be loadbalancing.

When i do the command - sh service-policy CLIENT-VIPS detail

i can see the -

curr conns       : 1         , hit count        : 45       

incrementing - but when i look at the servers only one is incrementing

i can ping both from the ACE 4710.

Still we are getting somewhere.

Steve

0 Helpful

Go to solution
steve switzer
Level 1
Level 1
In response to steve switzer

‎05-31-2012 02:08 AM

Problem solved thanks marcel have a very nice day !!!!

0 Helpful
Customers Also Viewed These Support Documents