Solved: Re: ACE - Generic loadbalance by TCP Port?

b-cunningham · ‎02-16-2011

Hello,

I am using an ACE 4710 load balancer to balance generic TCP traffic between two servers using source IP address. I find that I now have a situation where I have different connections (TCP ports 20073, 20071 and 20025) coming in from the same source address. I need to move the one connection on port 20073 to the RealTime host and leave the rest going to the Tandem. I can’t seem to come up with a class map or policy map that will work with what I already have. Any ideas….?

rserver host Realtime1

description Realtime1

ip address 10.1.2.12

conn-limit max 4000000 min 4000000

probe ECHO_PROBE

inservice

rserver host Tandem

description Tandem

ip address 10.1.2.8

conn-limit max 4000000 min 4000000

probe ECHO_PROBE

inservice

serverfarm host RealTime

predictor leastconns slowstart 120

rserver Realtime1

conn-limit max 4000000 min 4000000

inservice

serverfarm host Tandem

predictor leastconns slowstart 120

rserver Tandem

conn-limit max 4000000 min 4000000

inservice

class-map match-all Prod

2 match virtual-address 10.100.9.1 tcp any

class-map match-any SERVER-INITIATED

2 match source-address 10.1.2.12 255.255.255.255

4 match source-address 10.1.2.8 255.255.255.255

class-map type generic match-any xfr-ATMs

2 match source-address 10.200.125.201 255.255.255.255

3 match source-address 10.60.3.2 255.255.255.255

4 match source-address 10.60.3.3 255.255.255.255

5 match source-address 10.120.8.2 255.255.255.255

policy-map type loadbalance generic first-match LB-Prod

class xfr-ATMs

serverfarm RealTime

class class-default

serverfarm Tandem

policy-map multi-match Production

class Prod

loadbalance vip inservice

loadbalance policy LB-Prod

loadbalance vip icmp-reply active

policy-map multi-match src-natted-servers

class SERVER-INITIATED

nat dynamic 1 vlan 25

interface vlan 25

description AO Public

ip address 10.100.9.3 255.255.255.0

no normalization

no icmp-guard

nat-pool 1 10.100.9.1 10.100.9.1 netmask 255.255.255.255 pat

service-policy input Production

no shutdown

interface vlan 236

description AO RealTime

ip address 10.1.2.3 255.255.255.0

service-policy input src-natted-servers

no shutdown

Thank you.

Brad

pthadani · ‎02-22-2011

How about creating VIPs based on the port e.g.:

class-map match-all Prod-RealTime

2 match virtual-address 10.100.9.1 tcp 20073

class-map match-all Prod

2 match virtual-address 10.100.9.1 tcp any

policy-map multi-match Production

class Prod-RealTime

loadbalance vip inservice

loadbalance policy LB-Prod-RealTime

loadbalance vip icmp-reply active

class Prod

loadbalance vip inservice

loadbalance policy LB-Prod

loadbalance vip icmp-reply active

View solution in original post

pthadani · ‎02-22-2011

How about creating VIPs based on the port e.g.:

class-map match-all Prod-RealTime

2 match virtual-address 10.100.9.1 tcp 20073

class-map match-all Prod

2 match virtual-address 10.100.9.1 tcp any

policy-map multi-match Production

class Prod-RealTime

loadbalance vip inservice

loadbalance policy LB-Prod-RealTime

loadbalance vip icmp-reply active

class Prod

loadbalance vip inservice

loadbalance policy LB-Prod

loadbalance vip icmp-reply active

b-cunningham · ‎02-23-2011

That did it! Thank you very much.

Brad