ACE - Reaching VIP between Context

muhammadrameezkhan · ‎03-11-2012

Dear fellows,

I have the following enviroment:

2 6500 Core Switch

2 ACE10-6500-K9 installed in 2 Core Switch

3 context > AE,CE,PE

6 SERVERS -> 2 servers for AE Context, 2 Server for CE Context, 2 Servers for PE Context

Default Round Robin Load Balancing for Each context

Vlan 20; Client Side Vlan

vlan 130; Server Side Vlan

I have the following Scenario:

ACE is configured in Routed Mode, Multiple context share same VLAN

I want to achieve the following objective:

---------------------------------------------------------

Each Context Should be able to Reach VIP of ther Other Context

-------------------------------------------------------------------------

For referece, i am attaching configuration of AE context.

Please help me out at your earliest.

thanks & Regards,

Rameez

chrhiggi · ‎03-30-2012

Hello Muhammad-

ACE puposefully blocks any traffic from a source MAC address of another context it owns (sometimes even other physical ACEs due to how the mac addressing is allocated.)

The only way to get around this is to route outbound traffic to the MSFC or other router, then back into the next context so that the source MAC being recieved is not the origonating context.

I will warn you from experience - You are headed for a headache attempting to get context that share the same VLANs to pass packets between eachother. It is much easier to pass traffic between context through vlans that are not known to eachother. ACE will not allow you to force-route VIP traffic to a gateway where it sees a host as L2 adjacent, which makes the return path require source-natting somewhere between the contexts.

Regards,

Chris Higgins