Cisco ACE - FT Pair IP Alias address

gerardgillan · ‎05-09-2012

Hi All,

I have recently configured a pair of ACE 4710 appliances in a FT group. The ACE's are deployed in one-arm mode, using Source NAT, with all routing to and from being done by a pair of PIX firewalls.

My configuration does not include the use of an "alias" IP address on the data VLAN interface within each of my contexts.

My understanding is that the "alias" IP address is similar to a HSRP address and if the ACE is deployed in Routed mode the default gateway for the servers can be configured with the "alias" address so as this is always available even if a fail over occurs.

Could someone advise if this is a correct interpretation and of use of the "alias" IP address and if so whether it is required when using a one-arm mode topology?

Regards,

Gerard

sivaksiv · ‎05-09-2012

Hi,

Your understanding is correct. If you are running FT, you will need an alias IP address in any VLAN where ACE needs to be used as either a next hop for PBR (or other static routes) or as default gateways.

-

Siva

gerardgillan · ‎05-09-2012

Thanks for your reply Sivaksiv.

So as I have a one-arm mode deployment and am not using the ACE as default gateway for the servers or as a next hop for any routes I don't need to include an alias IP address then?

Regards,

Gerard

sivaksiv · ‎05-09-2012

Hi Gerard,

Thats right. As long as all seem to be working even after failover its not required.

-

Siva