You will need to use source group to NAT the client's source IP so that the end server doesn't respond directly back to the client but instead goes back to the CSS.
Issue is that when WEB1 sends request to VIP configured for DB servers the CSS will select either DAT1/DAT2 and will hand over the traffic to the DAT1/DAT2. Now from DAT1/DAT2 perspective the source-address of this request is from WEB1 and since both WEB & DAT servers share same L2 VLAN it will attempt to send the response back to WEB1 directly using ARP(bypassing CSS and making the connection Assymetric). Since WEB1 sent request to VIP not DAT1/DAT2 ip , WEB1 will drop the response.
Moquery is the command line cousin of Vizore, it's very helpful and efficient sometimes during the troubleshooting. This article aims to provide moquery cheat sheet to the users for some most common seen scenarios.
Here is the checklist before customers/partners contact Cisco TAC:
Firmware Version of APIC and Switch
Download Switch and APIC techsupport logs
Problem description (Symptoms with details)
Business impact (eg, what kind of services...
moquery usageAPIC moquerySwitchmoquery
This document discuss a common issue observed during the VMM integration & VM workload migration to ACI fabric.
VMware Virtual machines are hosted in Cisco UCS-B seri...