07-20-2006 06:25 AM
Hello,
We have a telnet application that can not use client NAT. For these application servers we have been using the VRRP address of the CSSs as default gateway instead of the HSRP address of the routers on that vlan. This is to keep the return traffic going through the CSS to keep consistent flows.
Today we moved this application to the CSM and now the application works fine but if we try to terminal session into the server it does not work. Additionally if we telnet to the VIP its ok but does not work if its tried directly on one of the servers on the server farm. Ping and trace route works ok to the servers. My understanding of the issue is that the CSM discarding the return traffic from the servers because its not stateful as the incoming traffic goes directly from the router to the server. BTW the same configuration works with a CSS so maybe its something to do with the CSM.
Thanks for any input.
Murtaza
07-20-2006 07:15 AM
Murtaza,
the CSM does not route by default from vlan to vlan except for server initiated connections.
To allow the routing and therefore access via telnet to you servers, you need to configure a vserver to allow this traffic.
ie:
vlan server XXX
ip x.x.x.x
serverfarm route
predictor forward
no nat server
vserver to_server
vip x.x.x.0/24 any
serverfarm route
inservice
Gilles.
07-21-2006 01:27 AM
Gilles,
I tried the config and it still does not work although I can see the new vserver created for routing:
ROUTE SLB any 141.122.88.0/25:0 ALL OPERATIONAL 0
and the serverfarm as well:
serverfarm ROUTE
no nat server
no nat client
predictor forward
The vlan serer is configured as well:
vlan 202 server
ip address x.x.x.86 255.255.255.128 alt x.x.x.91 255.255.255.128
route 0.0.0.0 0.0.0.0 gateway x.x.x.1
alias x.x.x.84 255.255.255.128
Thanks,
Murtaza
07-21-2006 05:54 AM
do you see any hits on the vserver when you open a connection to the server ?
Try to capture a sniffer trace to see what's going on.
Capture the client and server vlan.
Gilles.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide