
Cisco ACE module, design

pd.politiet.no
Level 1

Not sure how to put this, but the Q is what recommendations you would give regarding design configuration using 2 ACE modules in 2 different 6509s.

Some background info:

The 6509s are used as core, and configured with bgp, ospf, vrf and hsrp. The VLANs configured are in different vrfs and communication between vrfs goes through the fwsm in the 6509. The fwsm are configured active/standby.

One vrf consists of 1 or more vlans, the fwsm separates communication between the vrfs and traffic between vrfs needs to go through the fwsm. Communication to different remote sites (where the clients are) is in vrf Client and they need to connect to different applications in different vrfs. The different vrfs also need to communicate with each other. Some of this traffic, client->server and server->server, needs to be loadbalanced. Servers that will be loadbalanced are in the same subnet. These servers have their default gateway to the vrf, not the ACE module. The ACE modules are configured with ft.

What would you recommend, designing this?

Today we have configured one-armed mode, with source NAT and contexts. This works, but not many clients/servers are being loadbalanced at the moment. Next year more clients/servers will come. I guess there will be between 100-500 sessions at the most from client/server -> server, with loadbalancing. This applies to one context, and each context (it's a standard license, so there's a limitation to 5 contexts I guess) will have 2-10 serverfarms with different applications that need to be loadbalanced. One serverfarm will consist of 2-8 servers at the most.

But I'm not sure this is the best way to do it. Or doesn't it matter regarding utilization?

What about routed and bridge mode, something to look at? What is the most common way to configure ACE in a setting like this?

Br

Geir Sand-Strand


Surya ARBY
Level 4

1 arm / source NAT is the best / less intrusive option.

Thanks for the quick reply!

I guess I'll continue using one-arm then.

Br

Geir Sand-Strand

Forgot to ask about contexts.

How many serverfarms and one-armed loadbalancing in one context are recommended? Maybe it wouldn't be a problem, it only helps me separate into different contexts instead of running more loadbalancing services in one context.

Just asking this if I need to update the license for running more contexts.

Br

Geir

It depends on the load you expect and the thresholds you configured in the resource class.

You should see "contexts" as serving an organisational purpose (1 for external services, 1 for internal services, shared services, main services, branch1, branch2...)

Follow the allocation policy you defined for your VLANs.

I have a customer who uses 1 context per vlan and performs 1arm+source NAT in each context.

Other customers use a shared context for all external apps and another context for all internal apps.
