09-19-2012 12:44 PM
Hello, I'm configuring ACE 4710's for the first time and I want to load balance my Nuance speech servers on port 554. Here's my configuration on ACE01:
hostname ace471001
interface gigabitEthernet 1/1
switchport access vlan 1000
no shutdown
interface gigabitEthernet 1/2
shutdown
interface gigabitEthernet 1/3
shutdown
interface gigabitEthernet 1/4
shutdown
access-list ALL line 8 extended permit ip any any
rserver host nss01
class-map type management match-any remote_access
2 match protocol xml-https any
3 match protocol icmp any
4 match protocol telnet any
5 match protocol ssh any
6 match protocol http any
7 match protocol https any
8 match protocol snmp any
policy-map type management first-match remote_mgmt_allow_policy
class remote_access
permit
interface vlan 1000
ip address 10.20.17.21 255.255.248.0
access-group input ALL
service-policy input remote_mgmt_allow_policy
no shutdown
How would I configure my speech server to isten on 554?
Thanks in advance
09-20-2012 05:10 AM
Hello Reginald
Currently you have only basic network configuration, there is no loadbalancing config
I'm not sure what exactly you're asking about , but basically you need to have
- real servers configured on ACE (
- serverfarm configured on ACE (
- L7 policy map (
- L4 policy map , class-map (
And then apply it on necessary interface.
This is a general configuration, in your specific case you may need to configure some additinal features (e.g. I think you will need to have stickiness enabled
http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA3_1_0/configuration/slb/guide/sticky.html but it depends on your application)
links are for old config guids , but basic is pretty much the same for all versions.
Please check them and try to narrow down your question a bit.
09-20-2012 10:49 AM
Here is a basic loadbalance configuration:
access-list Allow_Access line 10 extended permit ip any any
rserver host test
ip address x.x.x.x ==============change this for the real IP address of your servers
inservice
rserver host test2
ip address x.x.x.x
inservice
serverfarm host LB
rserver test2
inservice
rserver test
inservice
class-map type management match-any NSS-ACCESS
10 match protocol telnet any
30 match protocol icmp any
40 match protocol http any
50 match protocol https any
class-map match-all VIP
2 match virtual-address z.z.z.z tcp eq 554 ========change z.z.z.z for you real VIP address
policy-map type management first-match NSS_MGMT
class NSS-ACCESS
permit
policy-map type loadbalance first-match test
class class-default
serverfarm LB
policy-map multi-match clients
class VIP
loadbalance vip inservice
loadbalance policy test
loadbalance vip icmp-reply active
nat dynamic 1 vlan 112
interface vlan 112
ip address 10.198.16.91 255.255.255.192
access-group input Allow_Access
nat-pool 1 10.198.16.122 10.198.16.122 netmask 255.255.255.192 pat
service-policy input NSS_MGMT
service-policy input clients
no shutdown
ip route 0.0.0.0 0.0.0.0 10.198.16.65
------------------------------------
Cesar R
09-20-2012 12:53 PM
Thanks, I made notifications and this is the current config:
rserver host nss01
ip address 10.2.4.70
inservice
serverfarm host test_lab
rserver nss01 554
class-map type rtsp loadbalance match-all L7SLBCLASS
10 match rtsp url /10.2.4.70/synthesizer
class-map type management match-any remote_access
2 match protocol xml-https any
3 match protocol icmp any
4 match protocol telnet any
5 match protocol ssh any
6 match protocol http any
7 match protocol https any
8 match protocol snmp any
How do I verify this config is functional?
09-20-2012 01:16 PM
Hi Reginald,
it should be like this:
rserver host nss01
ip address 10.2.4.70
inservice
serverfarm host test_lab
rserver nss01 554
class-map type rtsp loadbalance match-all L7SLBCLASS
10 match rtsp url /synthesizer
class-map match-all VIP
2 match virtual-address 10.2.4.70 tcp eq rtsp
policy-map type loadbalance first-match LB
class L7SLBCLASS
serverfarm test_lab
policy-map multi-match clients
class VIP
loadbalance vip inservice
loadbalance policy LB
loadbalance vip icmp-reply active
This should work.
-----------------------------
Cesar R
09-21-2012 07:40 AM
Hi Cesar, here's what I configured so far:
rserver host nss01
ip address 10.20.17.70
inservice
serverfarm host test_Lab
rserver nss01 554
class-map type rtsp loadbalance match-all L7SLBCLASS
10 match rtsp url /synthesizer
policy-map type management first-match remote_mgmt_allow_policy
class remote_access
permit
policy-map type loadbalance rtsp first-match RTSP_L7_POLICY
class L7SLBCLASS
I'm trying to configure the rest:
class-map match-all VIP
2 match virtual-address 10.2.4.70 tcp eq rtsp
policy-map multi-match clients
class VIP
loadbalance vip inservice
loadbalance policy LB
loadbalance vip icmp-reply active
Thanks for your help
Reg
09-21-2012 02:43 PM
Hi Reginald,
the configuration looks good, just be sure to do inservice on the serverfarm
serverfarm host test_Lab
rserver nss01 554
inservice
-----------------------
Cesar R
09-24-2012 07:24 AM
Hi Cesar,
I'm a little confused with configuring the VIP
2 match virtual-address 10.2.4.70 tcp eq rtsp
Error: VIP address is the same as an rserver IP in the context
What should be my reserver IP be and what should my VIP be?
Thanks.
09-24-2012 10:38 AM
Hello Reginald,
The IP address in the rservers is the real IP address of the server
The VIP address is the IP that your clients will use to access the application.
----------------------------------------
Cesar R
09-25-2012 01:26 PM
Hi Cesar,
I believe I have it now:
2 match virtual-address 10.2.4.21 tcp eq rtsp (this now appears in my running config)
What kind of valid test would you suggest?
Thanks for your help with this, it's much appreciated.
Reginald
09-25-2012 01:30 PM
Hi Reginald,
Just send RTSP traffic to the VIP address 10.2.4.21 and you should see the video
If does not work, please gather the output of the show conn command
---------------------
Cesar R
09-25-2012 02:06 PM
It didn't work so here's the show running config probe rtsp probe01 rserver host nss01 ip address 10.2.4.70 inservice serverfarm host Nuance_Lab rserver nss01 554 class-map type rtsp loadbalance match-all L7SLBCLASS 10 match rtsp url /synthesizer class-map match-all VIP 2 match virtual-address 10.2.4.21 tcp eq rtsp class-map type management match-any remote_access 2 match protocol xml-https any 3 match protocol icmp any 4 match protocol telnet any 5 match protocol ssh any 6 match protocol http any 7 match protocol https any 8 match protocol snmp any policy-map type management first-match remote_mgmt_allow_policy class remote_access permit policy-map type loadbalance rtsp first-match RTSP_L7_POLICY class L7SLBCLASS policy-map multi-match clients interface vlan 1000 ip address 10.2.4.21 255.255.248.0 access-group input ALL service-policy input remote_mgmt_allow_policy no shutdown
09-25-2012 02:10 PM
Hi Reginald,
Please send me the running-config in a txt format
-----------------------------
Cesar R
09-25-2012 02:13 PM
Sorry about that, here it is:
probe rtsp probe01
rserver host nss01
ip address 10.2.4.70
inservice
serverfarm host Nuance_Lab
rserver nss01 554
class-map type rtsp loadbalance match-all L7SLBCLASS
10 match rtsp url /synthesizer
class-map match-all VIP
2 match virtual-address 10.2.4.21 tcp eq rtsp
class-map type management match-any remote_access
2 match protocol xml-https any
3 match protocol icmp any
4 match protocol telnet any
5 match protocol ssh any
6 match protocol http any
7 match protocol https any
8 match protocol snmp any
policy-map type management first-match remote_mgmt_allow_policy
class remote_access
permit
policy-map type loadbalance rtsp first-match RTSP_L7_POLICY
class L7SLBCLASS
policy-map multi-match clients
interface vlan 1000
ip address 10.2.4.21 255.255.248.0
access-group input ALL
service-policy input remote_mgmt_allow_policy
no shutdown
ip route 0.0.0.0 0.0.0.0 10.20.16.1
09-25-2012 02:23 PM
Hi Reginald,
The real server has this IP 10.2.4.70, right?
In the serverfarm we need to have the rserver inservice, like this:
serverfarm host Nuance_Lab
rserver nss01 554
inservice========================add this
The VIP needs to an IP address available it should be in use only in the ACE class-map
class-map match-all VIP
2 match virtual-address 10.2.4.21 tcp eq rtsp
interface vlan 1000
ip address 10.2.4.21 255.255.248.0
access-group input ALL
service-policy input remote_mgmt_allow_policy
no shutdown
You will have to change the IP address of VLAN1000 or the VIP address
In the policy-map type loadbalance you have to add the serverfarm:
policy-map type loadbalance rtsp first-match RTSP_L7_POLICY
class L7SLBCLASS
serverfarm Nuance_Lab=================add this
The policy-map multi-match should look like this:
policy-map multi-match clients
class VIP
loadbalance vip inservice
loadbalance policy RTSP_L7_POLICY
You need to add the policy to the interface, like this:
interface vlan 1000
ip address 10.2.4.XX 255.255.248.0
access-group input ALL
service-policy input remote_mgmt_allow_policy
service-policy input clients=======================add this
no shutdown
If this does not work, pleas gather the show conn output
----------------
Cesar R
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide