Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3233
Views
5
Helpful
5
Replies

Cisco CSS Layer 3 Load Balancing query

Go to solution
danielng83
Level 1
Level 1

‎06-25-2010 08:21 AM

Hi all,

i have a query on layer 3 load balancing. Please refer to the following example and config,

service A

ip address 1.1.1.1

keepalive icmp

active

service B

ip address 1.1.1.2

keepalive icmp

active

content C

vip 10.10.10.10

add service A

add service B

Now for example if i launch on IE the following URL : 10.10.10.10 and it hits the CSS in this case. Will the CSS direct traffic to port 80 on service A and B?

So does that mean if i specify http://10.10.10.10:2222 on IE, then CSS will load balance traffic to port 2222 on service A and B? If not, is there anyway i can achieve this? Appreciate ur feedback.

Cheers!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Pablo
Cisco Employee
Cisco Employee

‎06-25-2010 05:33 PM

Hi Daniel,

Yes you're right! The CSS by default passes the request using the same destination port the client used to open the request. Since there are no ports defined PAT is not considered.

Hope this helps.

__ __

Pablo

Cisco TAC

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Pablo
Cisco Employee
Cisco Employee

‎06-25-2010 05:33 PM

Hi Daniel,

Yes you're right! The CSS by default passes the request using the same destination port the client used to open the request. Since there are no ports defined PAT is not considered.

Hope this helps.

__ __

Pablo

Cisco TAC

0 Helpful

Go to solution
danielng83
Level 1
Level 1
In response to Pablo

‎06-25-2010 09:14 PM

Thanks for the clarification Pablo! I am also confused on port mapping and how it comes into play. Understand that port mapping is enabled by default. Will this feature in turn affect what i am trying to achieve?

0 Helpful

Go to solution
Pablo
Cisco Employee
Cisco Employee
In response to danielng83

‎06-28-2010 10:35 AM

Daniel,

Port mapping is a choice and usually something that you configure to protect your server resources. For example if your HTTP server is listening on port 8080 but the virtual address is configured to do port translation from port 80 to port 8080 then an attacker would have less chances to launch an attack against the server as there's no way to know the backend server port other than trying/guessing.

At the same time if you have this HTTP website on port 8080 you don't want the user to type http://mywebsite.com:8080/index.html as this can be a tedious task so in this case you have your VIP on port 80 and the CSS will do the port translation from 80-to-8080 which is totally transparent to the client.

If you don't define the ports in your configuration port translatation won't be used as the request will be sent to the server in the same destination port the CSS received it.

Hope this helps.

__ __

Pablo

Cisco TAC

Go to solution
danielng83
Level 1
Level 1
In response to Pablo

‎07-13-2010 08:15 AM

Hi Pablo,

thanks alot for the response. It definitely helped!

0 Helpful

Go to solution
arun.mohan
Level 1
Level 1

‎04-02-2012 04:55 AM

Hi Pablo,

Thanks for the confirmation. I need the same scenario, along with the port monitoring on the real servers. Is it possible?

Can monitor few required ports and load balance on the Layer 3?

merci,

arun

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card