Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
833
Views
0
Helpful
4
Replies

Bridging mode: ¿can servers be reachable by their real IP addresses?

Go to solution
rogelioalvez
Level 1
Level 1

‎04-11-2012 06:00 AM

Hello team.

Customer is asking me to load balance a farm of servers for clients in the same subnet, so I am going to configure bridge mode.

In parallel, customer is asking me to have visibility of the real IP addresses of each of the individual servers in the farm, for management purposes. I do not know if this possible, but I would assume that ACE will bridge packets from client to destination server´s real IP address in cases like this. ¿Am I right?

I do not know if this is feasible by default or if I need to put policies in place to allow it.

Your help will be greatly appreciated.

Best regards

Rogelio Alvez

Argentina

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
sivaksiv
Cisco Employee
Cisco Employee

‎04-11-2012 06:07 AM

Hi,

If you are hitting a virtual ip (for loadbalancing) then you need to apply the policy on the inbound interface and src nating might be required. If you are hitting directly the real server ip then ACE would just bridge the traffic.

-

Siva

View solution in original post

0 Helpful

Go to solution
sivaksiv
Cisco Employee
Cisco Employee
In response to rogelioalvez

‎04-11-2012 07:52 AM

Hi Rogelio,

You are right. SRC nat not required if they are in different vlan or in a different segement.

-

Siva

View solution in original post

0 Helpful
4 Replies 4

Go to solution
sivaksiv
Cisco Employee
Cisco Employee

‎04-11-2012 06:07 AM

Hi,

If you are hitting a virtual ip (for loadbalancing) then you need to apply the policy on the inbound interface and src nating might be required. If you are hitting directly the real server ip then ACE would just bridge the traffic.

-

Siva

0 Helpful

Go to solution
rogelioalvez
Level 1
Level 1
In response to sivaksiv

‎04-11-2012 06:27 AM

Hi Siva, thanks a lot for your quick answer!

Let me please check something else about your answer. You say that SRC NAT might be required. I assume that you warn me of this IF clients and servers are in the same VLAN.

But IF clients are in VLAN X and servers are in VLAN Y (both vlans bridged by the ACE), then the ACE won´t need SRC NAT to disguise clients´ addresses, since clients and servers are physically joined thru the ACE.

I would appreciate your confirmation on this SRC NAT subject.

Thank you very much in advance again

Best regards, Rogelio

0 Helpful

Go to solution
sivaksiv
Cisco Employee
Cisco Employee
In response to rogelioalvez

‎04-11-2012 07:52 AM

Hi Rogelio,

You are right. SRC nat not required if they are in different vlan or in a different segement.

-

Siva

0 Helpful

Go to solution
rogelioalvez
Level 1
Level 1
In response to sivaksiv

‎04-12-2012 11:50 AM

Excellent! Then it works just as I expected.

I have not had a chance to get a hold yet into these boxes (I am going to do it soon), so I wanted to double check the design.

Thanks a lot!!

regards, Rogelio

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card