Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
980
Views
0
Helpful
2
Replies

Cisco ACE VIP is not response large size packet

Alvaro Perez Unzueta
Level 1
Level 1

‎04-24-2011 11:17 PM

Hello,

I have a trouble, the vip in the context intranet is 172.10.254.3 and when i make ping -l 500 172.10.243.3, the vip respond, but when i make ping -5000 172.10.254.3, the vip is not response. what happend?? i want to reach the vip, but when the size is large the icmp is not response.

My config:

access-list anyone line 8 extended permit ip any any


probe tcp WEBLOGIC-TCP
  port 7293
  interval 4
  faildetect 2
  passdetect interval 10
  passdetect count 2
  receive 2
  open 2

rserver host intra1
  ip address 10.200.254.3
  inservice
rserver host intra2
  ip address 10.200.254.4
  inservice

serverfarm host intrafarm
  rserver intra1
    probe WEBLOGIC-TCP
    inservice
  rserver intra2
    probe WEBLOGIC-TCP
    inservice

sticky ip-netmask 255.255.255.255 address source src-ip-sticky
  timeout 6
  timeout activeconns
  serverfarm intrafarm

class-map type management match-any Mgt
  2 match protocol http any
  3 match protocol telnet any
  4 match protocol ssh any
  5 match protocol icmp any
class-map match-any VIP-srvintranet
  2 match virtual-address 172.10.254.3 any

policy-map type management first-match Management
  class Mgt
    permit

policy-map type loadbalance first-match lb-vip
  class class-default
    serverfarm intrafarm

policy-map multi-match client-vips
  class VIP-srvintranet
    loadbalance vip inservice
    loadbalance policy lb-vip
    loadbalance vip icmp-reply

interface vlan 501
  description SIDE-SERVERS
  ip address 10.200.254.1 255.255.255.248
  access-group input anyone
  access-group output anyone
  service-policy input Management
  no shutdown
interface vlan 502
  description SIDE-CLIENTS
  ip address 172.10.254.2 255.255.255.248
  access-group input anyone
  access-group output anyone

ip route 0.0.0.0 0.0.0.0 172.10.254.1

Labels:
0 Helpful
2 Replies 2

Daniel Arrondo Ostiz
Cisco Employee
Cisco Employee

‎04-27-2011 06:58 AM

Hi Alvaro,

This behavior is expected. The longest Ethernet frame allowed is 1500 bytes, so any packets bigger than that will not be accepted.

When trying to ping a device, always try with 1460 bytes or less.

Regards

Daniel

0 Helpful

stmccabe
Cisco Employee
Cisco Employee
In response to Daniel Arrondo Ostiz

‎04-29-2011 09:23 PM

As a Note,

You can enable the ACE to support Jumbo frames - 9216 MTU (through the ACE), but as Daniel mentioned when pinging an ACE vlan interface only 1500MTU is prohibited (this is by design)

Thanks.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card