01-29-2011 02:16 AM
Hello,
We have installed an ACE appilance in one of the client place. It is a simple requirement to load balance two physical servers with the VIP.Now customer is facing problem with their application as mentioned below
Java applet not loading while accessing via VIP, but same will work when access via real IP address. I know ACE has nothing much to do on this , Still appreciate if some one could guide me to come to a conclusion on the root cause . Below are the configurations from the ACE context.
access-list ACL-IN line 8 extended permit ip any any
probe icmp RT-ICMP
interval 30
faildetect 2
passdetect interval 30
passdetect count 2
rserver host REGERP1
ip address 10.1.0.197
probe RT-ICMP
inservice
rserver host REGERP2
ip address 10.0.3.20
probe RT-ICMP
inservice
rserver host RTTPOS1
ip address 10.0.0.17
probe RT-ICMP
inservice
rserver host RTTPOS2
ip address 10.0.0.11
probe RT-ICMP
inservice
serverfarm host REGERP
failaction purge
rserver REGERP1
probe RT-ICMP
inservice
rserver REGERP2
probe RT-ICMP
inservice
serverfarm host RTTPOS
failaction purge
rserver RTTPOS1
probe RT-ICMP
inservice
rserver RTTPOS2
probe RT-ICMP
inservice
class-map match-all REGERP-VIP
2 match virtual-address 10.0.0.99 any
class-map type management match-any REMOTE-ACCESS
2 match protocol icmp any
3 match protocol telnet any
4 match protocol ssh any
class-map match-all RTTPOS-VIP
2 match virtual-address 10.0.0.77 any
policy-map type management first-match REMOTE-MGMT
class REMOTE-ACCESS
permit
policy-map type loadbalance first-match REGERP-LOADBALANCE
class class-default
serverfarm REGERP
policy-map type loadbalance first-match RTTPOS-LOADBALANCE
class class-default
serverfarm RTTPOS
policy-map multi-match SERVERFARM-POLICY
class RTTPOS-VIP
loadbalance vip inservice
loadbalance policy RTTPOS-LOADBALANCE
loadbalance vip icmp-reply
class REGERP-VIP
loadbalance vip inservice
loadbalance policy REGERP-LOADBALANCE
loadbalance vip icmp-reply
interface vlan 100
description ---------SERVER SIDE INTERFACE--------
bridge-group 101
no normalization
no icmp-guard
access-group input ACL-IN
no shutdown
interface vlan 101
description ---------CLIENT SIDE INTERFACE---------
bridge-group 101
no normalization
no icmp-guard
access-group input ACL-IN
service-policy input SERVERFARM-POLICY
no shutdown
interface bvi 101
ip address 10.0.0.235 255.0.0.0
peer ip address 10.0.0.236 255.0.0.0
no shutdown
ft track interface VLAN_100
track-interface vlan 100
peer track-interface vlan 100
priority 100
peer priority 110
ft track interface VLAN_101
track-interface vlan 101
peer track-interface vlan 101
priority 100
peer priority 110
ip route 0.0.0.0 0.0.0.0 10.0.0.222
regards
01-30-2011 11:31 PM
Hi Shibi,
According to your configuration, you are just doing L4 load-balancing, so the ACE should not have any impact on the contents of the traffic.
I would recommend you to open a TAC service request to have this investigated further. The data that will be requested is the one below, so, it would be good if you could already gather it upfront
With this data, we should be able to tell you what the issue is.
Regards
Daniel
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide