CSM - direct access to server in bridge mode

cwtsoi8 · ‎05-19-2004

I have CSM on bridge mode and want to access to the server in server VLAN using their real ip address. DO i need to configure anything or it is the default behaviour?

On the other hand, servers in the server VLAN will need to initialize connection to outside world and their connection shall use their 'real' ip address. Is there anything that I need to configure to allow this?

At present, both my direct access to server and connection initialized from servers failed.

Gilles Dufour · ‎05-20-2004

I believe you still need a vserver to catch the traffic to the server ip addresses.

By default only traffic to vserver is allowed.

You can do something like this

serverfarm route

predictor forward

!

vserver 2servers

vip x.x.x.0 /24 any

serverfarm route

inservice

!

The vip is the same subnet as the server vlan.

For your server initiated traffic, you can do the same. However, it is normally not required if the vlan has been defined as 'vlan server'.

Regards,

Gilles.

jfoerster · ‎05-20-2004

HI Gilles,

this is quite confusing as I learnt in a workshop with some Cisco SEs that the CSM is bridging all traffic which is not destined to a VIP if you do bridged mode. I agree with you that you realy need the predictor if you are running secure/routed mode.

However Chi Wang (I hope that's your forename):

In regards of your first question:

I think nothing has to be done to get the reals directly the only thing which has to be ensured it that they are plugged in the correct vlan and reside in that vlan.

In regards of your second question:

Have you checked if the routing from the servers to the GW is done correctly (towards a gateway in the Layer3 subnett?)

Btw are the servers connected in the server vlan?

Have you done a ping from the MSFC towards the servers?

have you done a traceroute from the servers to the destination you want to reach? Where does the traceroute stop?

Some additional questions from my side:

You set up the CSM in bridged-mode however the reals could be on a different LAyer3 hop? What's your topologiy maybe you can give us a hint of how you config looks like and what's the topology.

Kind Regards,

Joerg

Gilles Dufour · ‎05-24-2004

Joerg,

I agree with you.

Nothing is required normally in bridge mode.

I should have been more carefull writing this previous post.

My idea was more a suggestion to make it work.

Gilles.

robert.breen.hbp2 · ‎06-09-2004

If you happen to be running in Hybrid mode, be sure that both your client and server VLAN's are added to the trunk on the Catalyst side of the house.

If, for instance, your server VLAN was VLAN 300 and your client VLAN was VLAN 301 and your CSM was in slot 6, you could use the following command to ensure trunking is setup properly:

set trunk 6/1 300-301

If the VLAN's are already added, it won't hurt anything and if they are not this command will add VLAN's 300 and 301 to the trunk.

Good luck.