11500 GSLB Newbie - help needed

acomiskey
Level 10

I'm new to this equipment so bear with me. I am hoping to get a "plain English" explanation about the following doc. Here is my situation. I have 2 sites, a main and a backup, different networks, geographically remote with a point to point connection between the two. I also have a l2l tunnel between the two if it is needed. I have a web application I need to establish some redundancy for. If site A or webserver A goes down I need traffic to be directed to Site B Webserver B. Easy enough probably, according to the doc, it sounds like this is what I need to do, but I must be missing something. Any further explanation would be helpful and appreciated.

Basic Global Load Balancing Site Redundancy Using the CSS with DNS

http://www.cisco.com/en/US/products/hw/contnetw/ps792/products_configuration_example09186a00801dcd75.shtml

18 Replies

Ok, I think I have one more issue before I move forward with this. I have read somewhere that the CSS needs to be inline with all client/server traffic.

For the above GSLB scenario, does the CSS need to be inline with all the traffic from client to server?

Can the CSS reside on the "DMZ" and be the authoritative DNS for a server on the "inside"?

In this case a 5510 would contain static 1 to 1 NATs for the CSS in the DMZ, the 2 servers in the DMZ (directly attached to CSS) and 1 server on the inside (not inline with CSS). Possible?

I think what I'm looking at is a one armed config?

Hi,

Your network setup doesn't need to be inline for this to work, but you need to control the flows and make sure that the servers go through the CSS when answering back; otherwise the sessions of your clients would be broken. All this means that you need to control the routing on your network and prevent asymmetric flows from occurring.

Regarding the DNS question, yes, the CSS can be on the DMZ and be the authoritative DNS for the servers inside, as long as the final response to the queries made for the domains running on the CSS is made to the CSS.

Regarding NAT, you can have static 1 to 1 NAT and it shouldn't be a problem, it all depends on a good configuration and the proper control of the routing within the network.

Thanks & Regards,

Jose.

Thanks again, Jose!

Another thing missing in the documentation, which may help another CSS beginner, is

acl enable

on the secondary CSS. The secondary CSS was not preferring the main site and I was not getting any hits on the ACL. I added the command and now all is working.
