Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
610
Views
5
Helpful
3
Replies

CSS 11050 Load Balancing with Single VLAN (no NAT)

mromer
Level 1
Level 1

‎09-02-2003 07:01 AM

We have several CSS 11050's in use on our network, cheifly for load-balancing web servers. In a test network I've set up, I've configured our test servers' IP addresses and our load-balanced IP address to be on the same subnet. This way our developers can easily check both single servers as well as the LB configuration. This got me thinking...

All the config documentation I've seen on the CSS seems to assume that you are putting the VIP for the content rule on a different VLAN than the IPs for the services. Is there any particular need for this? I'm in the process of setting up another network that will have its services NATed behind a PIX. There are some services (WWW) that I want load balanced and some services (passive FTP with one server) where there's really no need. Would I do any harm by putting the content rules' VIPs on the same subnet as the servers themselves? I can still plug the servers into the other ports on the CSS so that I'm not really doing a "one-arm" configuration.

-Mark Romer

Labels:
0 Helpful
3 Replies 3

d.parks
Level 1
Level 1

‎09-02-2003 07:14 AM

As long as the servers are plugged into the CSS or otherwise bridge their traffic through the CSS, you should be fine. If there are any alternate traffic paths that bypass the CSS, then you may need to NAT traffic at the CSS using a source group.

mromer
Level 1
Level 1
In response to d.parks

‎09-02-2003 08:14 AM

Thank you.

0 Helpful

cody.rowland
Level 1
Level 1

‎09-04-2003 04:24 AM

You shouldn't have any problem doing this. In addition to load balancing web servers we've also balanced terminal servers that are configured to be accessed by remote users through VPN connections. Because we have over 90 remote locations, I didn't want the services and the VIP addresses to be on different VLAN's because I'd have to reconfigure the routers in all the remote locations. I was in the same position you're in, all the documentation indicated different VLAN's but I thought it would be a worth a try. Everything works perfectly...

Cody Rowland

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card