Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1274
Views
0
Helpful
2
Replies

Access Server through VIP (ACE 4710) but very slow

premsaw23
Level 1
Level 1

‎10-31-2012 02:20 AM

Re:  Access Server through VIP (ACE 4710) but very slow

Hi Shiva

Kindly  Help .....Accessing the server very slow.., Plz check my real  configuration... this configuration is for application server and after  this i have to configure more serverfarm for different server like  webmail etc. in this ACE 4710. I have only one ACE 4710 .

ACE Version A4(2.0) = is there supports Probe with this version.???  without probe server will work but very slow. And plz guide Nat-pool is required

VIP :-- 172.16.15.8

LB/Admin# sh run

Generating configuration....

no ft auto-sync startup-config

logging enable

logging host 172.29.91.112 udp/514

resource-class RC1

  limit-resource all minimum 10.00 maximum unlimited

boot system image:c4710ace-mz.A4_2_0.bin

hostname LB

interface gigabitEthernet 1/1

  description Management

  speed 1000M

  switchport access vlan 1000

  no shutdown

interface gigabitEthernet 1/2

  description clientside

  switchport access vlan 30

  no shutdown

interface gigabitEthernet 1/3

  description serverside

  switchport access vlan 31

  no shutdown

interface gigabitEthernet 1/4

  no shutdown

context Admin

  description Management

  member RC1

access-list everyone line 8 extended permit ip any any

access-list everyone line 16 extended permit icmp any any

probe http probe1

  description health check

  interval 5

  passdetect interval 10

  request method head

  expect status 200 200

  open 1

rserver redirect https_redirect

  description redirect traffic to https

  webhost-redirection / 302

  inservice

rserver redirect maintenance_page

  description maintenance page displayed

  webhost-redirection /sry.html 301

  inservice

rserver host web1

  ip address 192.168.10.3

  inservice

rserver host web2

  ip address 192.168.10.4

  inservice

rserver host web3

  ip address 192.168.10.5

  inservice

serverfarm host http

  rserver web1

    inservice

  rserver web2

    inservice

  rserver web3

    inservice

serverfarm redirect https_redirect_farm

  description Redirect traffic to https

serverfarm redirect maintenance_farm

  description send user to maintenance page

parameter-map type connection paramap_http

  description parameter connection tcp

  exceed-mss allow

sticky ip-netmask 255.255.255.0 address source Sticky_http

  timeout activeconns

  serverfarm http

class-map match-all REMOTE-ACCESS

class-map type management match-any remote_access

  2 match protocol xml-https any

  3 match protocol icmp any

  4 match protocol telnet any

  5 match protocol ssh any

  6 match protocol http any

  7 match protocol https any

  8 match protocol snmp any

class-map match-all slb-vip

  2 match virtual-address 172.16.15.8 tcp eq www

policy-map type management first-match remote_access

  class class-default

    permit

policy-map type management first-match remote_mgmt_allow_policy

  class remote_access

    permit

policy-map type loadbalance first-match slb

  class class-default

    serverfarm http

policy-map type inspect http all-match slb-vip-http

  class class-default

    permit

policy-map multi-match client-vips

  class slb-vip

    loadbalance vip inservice

    loadbalance policy slb

    loadbalance vip icmp-reply active

    inspect http policy slb-vip-http

    connection advanced-options paramap_http

interface vlan 30

  description "Client Side"

  ip address 172.16.15.24 255.255.255.0

  access-group input everyone

  service-policy input client-vips

  no shutdown

interface vlan 31

  description "Server Side"

  ip address 192.168.10.1 255.255.255.0

  service-policy input remote_access

  no shutdown

interface vlan 1000

  description managment

  ip address 172.29.91.110 255.255.255.0

  service-policy input remote_mgmt_allow_policy

  no shutdown

ip route 0.0.0.0 0.0.0.0 172.16.15.1

snmp-server contact "PHQ"

snmp-server community phq group Network-Monitor

snmp-server trap-source vlan 1000

username admin password 5 $1$b2txbc5U$TA74D920oSdd2eOZ4hSFe/  role Admin domain

default-domain

username www password 5 $1$.GuWwQEK$r8Ub4OcE3l190d5GA4kvR.  role Admin domain de

fault-domain

username prem password 5 $1$8C7eRKrI$it3UV4URZ26X4S/Bh6OEr0  role Admin domain d

efault-domain

ssh key rsa 1024 force

banner motd # "ro" #

Regards,

Prem

Labels:
0 Helpful
2 Replies 2

sivaksiv
Cisco Employee
Cisco Employee

‎11-01-2012 03:31 AM

Hi Prem,

Is this working fine when you access the server directly? If so take a packet capture for both scenario and verify if any difference or raise a TAC case so we can take a look.

HTH

-

Siva

0 Helpful

premsaw23
Level 1
Level 1
In response to sivaksiv

‎11-07-2012 12:55 AM

Hi Shiva,

plz guide i'm new with ACE LB, also find my n/w design for connected ace to server. but server accessing very very slow, but when i connect through my old server software LB (with two interface)then accessing very fast. I just replace my old serverLB(with two interface) to ACE4710 and connect the same scenario then why not server accessing smoothly with VIP .Reply soon only I connect ACE's two interface with switch.....

Regards,

Prem

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents