Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
694
Views
0
Helpful
1
Replies

ACE and VIP locations (client side vlan only?)

betacomsvc
Level 1
Level 1

‎02-24-2011 02:21 AM

Hi,

I have the following questions about the VIP locations.

From the configurations guides, you configure a VLAN X  for clients (where the traffic to be balanced arrives), and VLAN Y for  servers (where the real servers are) - for router mode these are 2 different subnets, for bridge mode this is the same subnet. In all the examples I've seen, the  VIP address is from the client VLAN subnet.

Can the VIP be a member of a different subnet? For  example can it be a member of the Server VLAN Y? Or a completely  different VLAN Z?, what would be the necessary changes?

For the router mode I presume that a static route would be needed on MSFC pointing to the client Vlan IP of the ACE module. No routing changes required on servers.

What about the bridge mode? Static route on MSFC pointing to what? BVI? How does it comply to the fact that BVI is only used for management purposes. What about the routing changes on servers?

One more question for RHI. Does it require a VIP to be located on a different subnet than a client Vlan?

regards,

m.w

Labels:
0 Helpful
1 Reply 1

Daniel Arrondo Ostiz
Cisco Employee
Cisco Employee

‎03-01-2011 08:02 AM

Good afternoon,

Having the VIPs on a different subnet than the vlan is not a problem at all, you just need to make sure that this traffic is arriving to the ACE. Once it arrives, the ACE will match on it regardless of the subnet it is in.

In routed mode, as you said, it's enough to add a static route pointing to the ACE client vlan interface.

For bridged mode, you would have two options:

  • Add a route pointing to the BVI
  • Add a route to another router in the server vlan. This way, even though the traffic is not directly sent to the ACE, it would be sent through it, and therefore, be matched.


In both scenarios, you don't need to make any changes to the routing on the servers, because they are normally not aware of what was the VIP used.

I hope this answers the question, but, if you would like any further clarification, just let me know.

Best regards

Daniel

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card