05-26-2006 02:35 PM
Hi,
Is it possible having cat6k with CSM module to configure them with SVI vlan for some hosts and server vlan for vserwer and real servers behind it to assure one to one communication between them?
I need to connect from SVI vlan hosts to every host that is in server vlan in server farm and the other way round.
Any hint or urls? Is it possible at all?
tia
06-01-2006 08:24 AM
06-05-2006 10:23 PM
Thank You, I'm taking a look at it.
br
06-06-2006 12:04 AM
Forget the link that was given to you.
It is for IOS slb - not CSM.
A sample config for what you want would look like this:
mod csm X
vlan x1 client
ip address x.x.x1.x /24
gateway x.x.x1.x
vlan x2 server
ip address x.x.x2.x /24
serverfarm route
no nat server
predictor forward
!
vserver to-vlanx2
vip x.x.x1.0 /24
serverfarm route
!
This is a vserver to catch traffic coming from client and going to servers directly.
The traffic will simply be forwarded.
This is required because the CSM does not route from a client vlan to a server vlan by default.
Regards,
Gilles.
06-06-2006 01:00 AM
Thank You for the hint, what I really want to achive is direct communication between real servers in different server farms (server vlans) - this is one problem.
And another question is, if it's possible to connect from real server in server vlan to a host which is in normal SVI vlan and in the other dircetion?
I'll take a look at "serverfarm route" command.
06-06-2006 03:35 AM
blah, to much work;) now I see this "serverfarm route" command is not a command:)
06-06-2006 04:05 AM
from real to real, in different vlans, there is nothing to do.
The CSM will simply route this traffic by default.
Same from real, to any host.
The config I gave you is for host to real.
Gilles.
06-08-2006 12:17 AM
Giles,
Is it possible to disable default routing between real to real in different server vlans?
Or should I change the vlan type from server to client?
Thanks, Wim
06-08-2006 02:50 AM
Wim,
you can't prevent the routing from real to real.
You can try to rename the server vlan as client vlan. I think it may work. You will then need the config I gave you to permit the traffic that you want.
Gilles.
07-31-2006 04:57 AM
Gilles,
I did some testing:
I configure 1 transit vlan and 2 other client vlans + on each server vlan I connected a server:
vlan 150 = transit towards client networks
vlan 154 = server vlan #1
vlan 155 = server vlan #2
vlan 150 client
ip address 10.33.30.6 255.255.255.0 alt 10.33.30.5 255.255.255.0
route 0.0.0.0 0.0.0.0 gateway 10.33.30.1
alias 10.33.30.8 255.255.255.255
!
vlan 154 client
ip address 10.33.35.6 255.255.255.0 alt 10.33.35.5 255.255.255.0
alias 10.33.35.1 255.255.255.0
!
vlan 155 client
ip address 10.33.40.6 255.255.255.0 alt 10.33.40.5 255.255.255.0
alias 10.33.40.1 255.255.255.255
As you can see, I changed the vlan mode into CLIENT. But that didn't changed
anything about the routing between vlan 154 and vlan 155.
In above configuration server at vlan 154 is able to ping the csm-alias of
vlan 155, but not de server at vlan 155.
The moment I add the configs for real and serverfarm, then both servers
are able to ping eachother.
real T_154_SRV2
address 10.33.35.50
location POC
inservice
real T_155_SRV1
address 10.33.40.50
location POC
inservice
!
serverfarm P_154_SF_80
nat server
no nat client
real name T_154_SRV2 80
inservice
!
serverfarm P_155_SF_23
nat server
no nat client
real name T_155_SRV1 23
inservice
Is there any other option available to make sure no routing between 2 client vlan
is possible?
Thanks ...
Wim
08-29-2007 03:56 AM
Gilles,
I know it's a reply to an aged port but I have a question.
If we were to try to IOS SLB without a CSM, what would happen to client traffic (SVI originated, on the MSFC) trying to reach real servers via the virtual IP?
Our IOS SLB is working from the outside (the net), but not from clients on the MSFC.
An added complication is that the server farm vlan is behind a FWSM in same chassis.
For example:
!
ip slb serverfarm WEB
nat server
real 192.168.3.11
weight 1
inservice
!
ip slb vserver WEB-WWW
virtual 192.168.16.250 tcp www
serverfarm WEB
inservice
!
interface Vlan-Client
description Local Clients
ip address 192.168.26.6 255.255.255.0
!
ip route 192.168.30.0 255.255.255.224 192.168.1.1 !
!
Is there a way of achieving this?
Thanks,
Mark
08-29-2007 07:19 AM
I would say, sniffer trace and the SYN from the client and then the SYN/ACK from the server.
See if they follow the same route or if there is any asymetri.
Gilles.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide