Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1066
Views
0
Helpful
1
Replies

CSM module: rserver to rserver (or VIP) connections between serverfarms

f.makarenko
Level 1
Level 1

‎04-26-2012 08:18 AM

Hello,

I am trying to audit an existing configuration of CSM module.

Unfortunately have not an experience in CSM module configaration.

The main goal is to understand if there are any direct connection between servers

in different serverfarms (i.e. server from one serfarm opens session to server in

second serverfarm to VIP or to real IP). Also I need to know if there exist any

server initiated connection.

For serverfarms in CSM configuration there are two options configured

1)

nat server

nat client <pool>

2)

nat server

no nat client

As I understand, if there is no "static nat" lines in CSM configuration it means that

there can not be server initiated connections. Is this correct?

What is the best way to check if there are any direct connections between different serverfarms?

Is it enough to take an output of "show conn" command like

    prot vlan source                destination           state      

----------------------------------------------------------------------

In  UDP  149  10.13.205.20:57944    10.36.22.20:23235     ESTAB      

Out UDP  449  10.36.22.24:23235     10.13.205.20:57944    ESTAB      

and check if there is "In" connection from <source IP> in one serverfarm to <destination IP>

in second serverfarm? As for now I did not see such connections.

Will be presented direct server-server/VIP or server initiated connections in "sh conn" command

output for CSM module?

Could you advise me how to check this in CSM configuration or show commands output?

Thank you in advance.

Labels:
0 Helpful
1 Reply 1

mwinnett
Level 3
Level 3

‎05-09-2012 01:21 AM

If the vserver to vserver connection is made between devices in the same subnet and the client uses the vsever address (rather than a vip address) then this will not be seen via the CSM at all. If the client vserver targets the vip address, then it is probable that you will require source nat to make it work. If a vserver starts a connection to another vserver addess (not vip) in a different subnet and the connection flows via the CSM,  then the CSM will show this in its connection table. You can test this via "telnet " and check the connection table. Any working vserver to vip connections will be visible in the connection table. Matthew

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card