04-08-2013 11:33 PM
I have Cisco 6500 with FWSM and ACE module which are in one central DC. Also we have four different Datacenter (Hub & spoke) and in our FWSM we have configured four contexts in central DC FWSM for each DC. Each DC servers are different VLAN and IP subnet. Now we have to configure ACE module for load balancing among those different subnet servers. What will be the design and configuration for this solution? Like routed or one-arm mode design.
Scenario Example:
1. App Server01
IP:192.168.11.5/24
GW: 192.168.11.1 in FWSM
FWSM Context: DC1
Physical Location:DC1
VLAN:11
2. App Server02
IP:10.101.4.5/24
GW: 10.101.4.1 in FWSM
FWSM Conext:DC2
Physical Location:DC2
VLAN:4
3. App Server03
IP:192.168.2.5/24
GW: 192.168.2.5 in Local Switch (not in FWSM)
Physical Location:DC3
VLAN2
Now customer requirement is we have to load balance using ACE between these App Servers which are in different context s in FWSM and one Server is not FWSM.
Please guide me how to configure or design or placement of ACE and FWSM for above scenario.
Thanks
Rashed
04-09-2013 07:36 AM
Hi,
It looks like Routed mode is ideal solution for you. One arm is feasible if all the servers are in the same subnet.
Here is a good reference for this kind of scenerio.
http://www.cisco.com/en/US/docs/solutions/Enterprise/Data_Center/ACE_FWSM.html
regards,
Ajay Kumar
04-09-2013 10:37 AM
Thanks Ajay. Will you please clearify the position on ACE. cause most of the severs GW is FWSM.
Example:
MSFC
| Vlan10
|
ACE
|Vlan 11
|
FWSM
| |
Subnet1 Subnet1
Vlan100 Vlan200
and also flow traffice flow
04-10-2013 12:41 AM
Hi,
I believe the flow would be:
Client vlan ( vlan10) >> ACE >> VLAN 11 >> FWSM >> VLAN 100 or VLAN 200
I believe FWSM will do 1to1 NAT for each server.
In that case I see feasibility for ONE ARM as well. It is just that you have to add Source NAT on ACE.
ACE ---- vlan 10 ----- FWSM ------- servers
Or As above:
----vlan10--- ACE --- vlan11-----FWSM----( vlan100 or vlan 200)
In both the cases you need to add source Natting on ACE to make it work.
Hope that helps.
regards,
Ajay Kumar
04-10-2013 02:38 AM
Thanks i will share this with my planning team.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide