sorry..lets put my scenario again..

- MSFC and CSM installed

- All vlans in the MSFC (clients n servers)

- Need to do some load balancing servers..which have to be created in the CSM.

I wanna know whats the best way to do it without changing the MSFC config.

If you want brigde mode, you need to create the servers vlan on the CSM.

For each server vlan you need to create a new vlan that you will associate with the server vlan.

ie:

vlan 30 server

ip address x.x.x.x/x

Then you create for example vlan 130 like this

vlan 130 client

ip address

On the MSFC, you remove all server vlan interface and you replace them with associated client vlan.

ie: you remove interface vlan 30 and instead you configure interface vlan 130.

Now, you need to decide what VIP address you will use.

You can use ip from one or more of the server vlans.

The MSFC knows immediately how to route the traffic to the VIP since it has a vlan in the same range as the vip.

You could create a new subnet for the vip.

In this case, you can either create a new vlan on the MSFC and the CSM and this will be used by the MSFC to communicate with the CSM, or you could simply add a static route on the MSFC pointing to the CSM through one of the existing vlan between MSFC and CSM.

Regards,

Gilles.

Hi,

Sorry..i wont be using bridge mode..

I can't use your suggestion, because i don't want to change the MSFC config (VLAN interface). And i'm load balancing ONLY 2 servers and there are more than 20 servers in the server farm. Therefor, I can only configure the CSM.

So, my concern is, do i have to configure all the clients vlan in the CSM. (around 40 client vlan).

Thanks,

No, you never need the client vlan to be configured on the csm.

What you do is configure a single vlan [a new one] between csm and msfc.

That vlan will be for client traffic.

Then, you need to create the server vlan so the CSM can forward traffic to the server directly.

The CSM must see the server response.

To guarantee this, you have to change the default gateway of the servers to be the CSM instead of the MSFC.

If this is not acceptable, the other solution is to nat client traffic on the CSM.

The disadvantage is that the server is unable to distinguish the client based on their ip address.

All traffic will come from this nated ip address that belongs to the CSM.

As you can see, if you are not ready to make a few modifications, it will be difficult to implement a good solution.

I still believe the bridge mode solution is the best one, it just requires you to change the vlan id on the msfc. The ip addressing stays the same.

Gilles.

Thanks for rating.

Hi,

Sorry, I don't quite get what you mean. Can you give me an example.

Like,

MSFC

====

VLAN 101 (server VLAN)

VLAN 120-150 (client VLAN)

CSM

===

VLAN 101 (server VLAN)

????? client VLAN

Thanks.

this is not because the device is called a CSM that routing and switching rules do not apply.

So, if you have 2 devices and want to pass traffic between the 2 you need a common vlan.

You could use only vlan 101 which is fine.

If your VIP is an ip of vlan 101, you don't even need to add any static routes.

However, if you want to use another subnet for the vip.

You could simply add a static route on the MSFC pointing to the CSM ip in vlan 101.

Or you could create another vlan for this subnet and have the CSM and the MSFC part of this new vlan.

Again, the problem with this type of config is that particular attention is required to guarantee that the response from the server to the client goes through the CSM.

Using client nat is the easiest solution but the servers will not see the real client ip address.

[check with your server admin if they need the client ip for statistics or other reason].

And once again, brigde more is the easiest if you want to change a minimum of config and avoid all the problem of client nat.

I don't see why changing a couple of vlans on the MSFC is an issue.

G.

got you..i guess i've to change the MSFC config.

I'll move the server VLAN (101) to CSM.

vlan 101 server

ip add 10.10.10.254/24

Create the same server VLAN in MSFC.

int vlan 101

ip add 10.10.10.1/24

Maintain all other VLANs.

And create the servers to be load balance in the CSM.

And that will do, right??

the question is 'what default gateway are you going to use for the servers ?'

Don't forget, the response from the server to the client must go through the CSM.

If you make the CSM the default gateway everything is ok.

If you make the MSFC the default gateway, you need to nat the client ip address on the CSM.

If you create a different vlan on the msfc called for example 201 and the same vlan 201 on the csm, using the same ip address as in vlan 101 [this is ok on the csm, on the msfc you need to remove vlan 101], and then use the msfc as default gateway for the servers, you guarantee that the traffic always goes through the CSM.

Regards,

Gilles.

Thanks for ratigng my answers.