There is no NAT-related config on the ACE, so I believe that the load balancing is not using source translation.
On the backbone, there is a route-map configured on the server VLAN. This route-map is used for "set ip next-hop", but I cannot understand the purpose of this route-map. Can you explain? The config below is part of the actual config, but modified.
### ACE ###
probe tcp 8000
  port 8000
  interval 2
  faildetect 2
  passdetect interval 5
  passdetect count 5
rserver host ABC
  ip address 10.10.10.51
  inservice
rserver host CBA
  ip address 10.10.10.52
  inservice
serverfarm host ABCDE-8000
  probe 8000
  rserver ABC
    inservice
  rserver CBA
    inservice
sticky ip-netmask 255.255.255.255 address source ABCDE-8000
  timeout 10
  timeout activeconns
  replicate sticky
  serverfarm ABCDE-8000
class-map match-any ABCDE-8000-VIP
  2 match virtual-address 10.10.1.100 tcp eq 8000
policy-map multi-match ABCDE-8000-POLICY
  class ABCDE-8000-VIP
    loadbalance vip inservice
    loadbalance policy ABCDE-8000-Sfarm
    loadbalance vip icmp-reply active
interface vlan 70
  description ### ACE-OUTESIDE ###
  ip address 10.10.1.3 255.255.255.0
  alias 10.10.1.1 255.255.255.0
  peer ip address 10.10.1.2 255.255.255.0
  no normalization
  no icmp-guard
  service-policy input ABCDE-8000-POLICY
  no shutdown
ip route 0.0.0.0 0.0.0.0 10.10.1.30
### show conn ###
903749 1 in  TCP 70 10.75.50.57:52980 10.10.1.100:8000  ESTAB
984007 1 out TCP 70 10.10.1.100:8000  10.75.50.57:52980 ESTAB
### Switch ###
interface Vlan100
 description ### ABCDE ###
 ip address 10.10.10.28 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip accounting output-packets
 ip policy route-map PBR
 standby 100 ip 10.10.10.30
 standby 100 priority 110
 standby 100 preempt delay minimum 150 reload 180
!
route-map PBR permit 5
 match ip address ACE
!
route-map PBR permit 10
 match ip address ACL101
 set ip next-hop 10.10.1.1
!
route-map PBR permit 20
The provided configuration consists of a Cisco ACE (Application Control Engine) configuration and a switch configuration. The focus here is on understanding the purpose of the route-map applied on the switch's Vlan100 interface. I have broken it down:
The switch has an interface Vlan100 with IP address 10.10.10.28 and subnet mask 255.255.255.0.
The switch is running HSRP (Hot Standby Router Protocol) with virtual IP 10.10.10.30, and it is in standby mode with priority 110.
The route-map named "PBR" (Policy-Based Routing) is applied on the Vlan100 interface.
The route-map has two permit statements, numbered 5 and 10.
The route-map PBR permit 5 matches traffic based on an access list named ACE.
The route-map PBR permit 10 matches traffic based on an access list named ACL101.
If a packet matches the criteria specified in permit 5 (ACE access list), it will take the normal routing path.
If a packet matches the criteria specified in permit 10 (ACL101 access list), it will be forwarded to the next-hop IP address 10.10.1.1.
From the given configuration, it appears that the route-map PBR is used for policy-based routing to selectively route traffic from Vlan100 to the next-hop IP address 10.10.1.1. The purpose of this specific policy-based routing is not clear from the provided information, as it depends on the configurations of the access lists ACE and ACL101, which are not included here.
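The first-match evaluation of route-map PBR can be modelled as below. This is an added example, not part of the original thread or the poster's configuration. The contents of the access lists ACE and ACL101 are not shown on the page, so the entries here are constructed assumptions: ACL101 is assumed to match real-server replies from port 8000 (which, with no source NAT on the ACE, are addressed to the client and must be steered back to the ACE alias 10.10.1.1), and ACE is assumed to exempt traffic to the ACE's own VLAN 70 subnet.

```python
from ipaddress import ip_address, ip_network

# Constructed ACL contents: the page does not show ACL "ACE" or "ACL101".
ACLS = {
    # Assumed: traffic to the ACE's own VLAN 70 addresses (e.g. probe replies).
    "ACE": [{"src": "10.10.10.0/24", "dst": "10.10.1.0/24", "sport": None}],
    # Assumed: real-server replies sourced from the load-balanced port.
    "ACL101": [
        {"src": "10.10.10.51/32", "dst": "0.0.0.0/0", "sport": 8000},
        {"src": "10.10.10.52/32", "dst": "0.0.0.0/0", "sport": 8000},
    ],
}

# route-map PBR as on the page: (sequence, match ACL, set ip next-hop).
# Sequence 20 has no match clause, so it matches every remaining packet.
ROUTE_MAP = [(5, "ACE", None), (10, "ACL101", "10.10.1.1"), (20, None, None)]


def acl_permits(name, pkt):
    """True if any entry of the named ACL matches the packet."""
    for entry in ACLS[name]:
        if (ip_address(pkt["src"]) in ip_network(entry["src"])
                and ip_address(pkt["dst"]) in ip_network(entry["dst"])
                and entry["sport"] in (None, pkt["sport"])):
            return True
    return False


def pbr_decision(pkt):
    """Return (sequence, next_hop) of the first matching permit entry.

    next_hop None means no 'set' action: the packet follows the normal
    routing table instead of being policy-routed.
    """
    for seq, acl, next_hop in ROUTE_MAP:
        if acl is None or acl_permits(acl, pkt):
            return seq, next_hop
    return None, None


if __name__ == "__main__":
    # Constructed packets arriving on Vlan100 from a real server.
    reply = {"src": "10.10.10.51", "dst": "10.75.50.57", "sport": 8000}
    probe = {"src": "10.10.10.51", "dst": "10.10.1.3", "sport": 8000}
    other = {"src": "10.10.10.51", "dst": "10.75.50.57", "sport": 40000}
    for name, pkt in (("reply", reply), ("probe", probe), ("other", other)):
        print(name, pbr_decision(pkt))
```

Because sequence 5 is evaluated first and has no `set`, anything it matches is never policy-routed, even if ACL101 would also match it.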