ACE 4710 server load balancing

Pushpendra Tiwari · ‎07-08-2012

Hi Guys,

I need your help on the Cisco ACE 4710 devices.

We have two Cisco ACE 4710 and we want to install both of the devices in HA with load balancing mode.While i have done HA mode configuration between ACE 4710.But unable to configure load balancing configuration between them.

i want to tell you connectivity between server,client & loadbalancer.

Our Web servers are connected to VLAN 152 on the L3 (3750) switch.Which are alreday working in redundancy between other L3.And ACE 4710 it is also connected to vlan 150 which are connected to same L3 (3750) switches and users are also connected to vlan 6 on the same L3 itself.

So could you suggest us which kind of configuration we need to do on the load balancers.

I am requesting you to kindly help us.

Regards,

Pushpendra Tiwari

gaursin2 · ‎07-08-2012

Hi Pushpendra,

i didn't qutie understand you question. i guess your requirement is to configure two ACE boxes such that they are in HA, and simultaneoulsy both of them providing loadbalcning functionality for traffic like active-active scenrioes. So if this is case then you can use context feature in ACE and create multiple contexts serving various application, such that one of the context is active on 1st ACE while another context active on another ACE.

Pushpendra Tiwari · ‎07-13-2012

Hi Team,

I have alreday created Mgmt Vlan which is connecteing to ACE to L3 switches in failover mode(Means one ACE connected to 1st L3 and anathor ACE to 2nd L3 3750) and working fine.Servers are connected to VLAN 152 (172.20.152.0) on the L3 switch which is also working HSRP mode and doing IP routing and users (172.20.6.0) are connected to VLAN 6 on the anathor L2 which is trunking VLAN to L3.

We have 2 Exchange servers, 2 Lync servers, 2 Sharepoint and 2 SQL servers. users is connecting perfectly through L3 switch. I want to deploy virtual IP for all the servers so that servers load can balance through ACE.

So please help which mode will be better for US.

Routing or one armed mode I am so confused about this.

Appriciated your response.

configuration are given below for ACE failover.

SPM-LB-ACE-1/Admin# sh run

Generating configuration....

resource-class LoadBalancingResources

limit-resource all minimum 0.00 maximum unlimited

boot system image:c4710ace-mz.A4_2_0.bin

peer hostname SPM-LB-ACE-2

hostname SPM-LB-ACE-1

interface gigabitEthernet 1/1

channel-group 48

no shutdown

interface gigabitEthernet 1/2

no shutdown

interface gigabitEthernet 1/3

shutdown

interface gigabitEthernet 1/4

shutdown

interface port-channel 48

switchport trunk native vlan 350

switchport trunk allowed vlan 50-350

no shutdown

class-map type management match-any remote-access

description remote-access-traffic-match

2 match protocol telnet any

3 match protocol ssh any

4 match protocol icmp any

5 match protocol http any

6 match protocol https any

policy-map type management first-match remote-mgmt

class remote-access

permit

interface vlan 350

ip address 172.20.150.101 255.255.255.0

alias 172.20.150.100 255.255.255.0

peer ip address 172.20.150.102 255.255.255.0

service-policy input remote-mgmt

no shutdown

ft interface vlan 300

ip address 172.100.100.102 255.255.255.0

peer ip address 172.100.100.100 255.255.255.0

no shutdown

ft peer 1

heartbeat interval 300

heartbeat count 20

ft-interface vlan 300

query-interface vlan 350

ft group 3

peer 1

peer priority 110

associate-context Admin

inservice

ip route 0.0.0.0 0.0.0.0 172.20.150.1

context LoadBalancing

allocate-interface vlan 50-200

member LoadBalancingResources

context WAAS

description WAAS Virtual Device

allocate-interface vlan 50-150

ft group 1

peer 1

peer priority 110

associate-context LoadBalancing

inservice

ft group 2

peer 1

peer priority 110

associate-context WAAS

inservice

username admin password 5 $1$dhuBvI2w$GccVxVRrPyDmiNOF6nlEW/ role Admin domain

default-domain

username www password 5 $1$B2AHYL8p$ZXimTlxLsygmYBc3rncml0 role Admin domain de

fault-domain

SPM-LB-ACE-1/Admin#

SPM-LB-ACE-2/Admin# sh run

Generating configuration....

boot system image:c4710ace-mz.A4_2_0.bin

peer hostname SPM-LB-ACE-1

hostname SPM-LB-ACE-2

interface gigabitEthernet 1/1

channel-group 48

no shutdown

interface gigabitEthernet 1/2

no shutdown

interface gigabitEthernet 1/3

shutdown

interface gigabitEthernet 1/4

shutdown

interface port-channel 48

switchport trunk native vlan 350

switchport trunk allowed vlan 50-350

no shutdown

class-map type management match-any remote-access

description remote-access-traffic-match

2 match protocol telnet any

3 match protocol ssh any

4 match protocol icmp any

5 match protocol http any

6 match protocol https any

policy-map type management first-match remote-mgmt

class remote-access

permit

interface vlan 350

ip address 172.20.150.102 255.255.255.0

alias 172.20.150.100 255.255.255.0

peer ip address 172.20.150.101 255.255.255.0

service-policy input remote-mgmt

no shutdown

ft interface vlan 300

ip address 172.100.100.102 255.255.255.0

peer ip address 172.100.100.100 255.255.255.0

no shutdown

ft peer 1

heartbeat interval 300

heartbeat count 20

ft-interface vlan 300

query-interface vlan 350

ft group 3

peer 1

peer priority 110

associate-context Admin

inservice

ip route 0.0.0.0 0.0.0.0 172.20.150.1

context LoadBalancing

allocate-interface vlan 50-200

context WAAS

description WAAS Virtual Device

allocate-interface vlan 50-150

ft group 1

peer 1

peer priority 110

associate-context LoadBalancing

inservice

ft group 2

peer 1

peer priority 110

associate-context WAAS

inservice

username admin password 5 $1$v89/qW4E$aNIx1X0w5ZjUhhROOCKsJ/ role Admin domain

default-domain

username www password 5 $1$gPav6efv$uQYBE3K2tNAvDwVbOcY4f1 role Admin domain de

fault-domain

SPM-LB-ACE-2/Admin#

Thanks,

Pushpendra

9899417387