07-30-2008 08:15 PM
please see the attached 2 topology about the CSS deployment, can someone tell me what is the different of these 2 approach? And what is the disadvantage of advantage?
thanks
Solved! Go to Solution.
07-31-2008 12:40 AM
One arm mode is ideal in situations where there is an existing Infrastructure and you do not want to make any changes to the network. Another
advantage is that Non-LB traffic (Which could be huge like backups) doesnt passes through CSS thus leaving high throughput for LB traffic. One disadvantage is that if your real servers will see all traffic sourced from CSS ip (If you are using source NAt).
In routed mode all traffic to reals (Non LB & Load balanced) traffic passes through the CSS.
It can provide extra security as you can hide the Reals behind the CSS.
07-31-2008 04:32 AM
i would like to add one more mode that might be useful which is relate to the left one
in addition to be in a routed-mode it can be configured in brige-mode
in this case the server default gateway will be the router not the CSS
To configure your CSS in bridge mode, you simply configure your client and server VLANs with the same VLAN number. You must also configure the client and server subnets as the same
also this note from cisco press very helpful:
Because the CSS handles bridged packets in software, unless absolutely necessary, you should avoid configuring your CSS in bridge mode. Instead, you should configure your CSS in router mode, where packets are processed in hardware. Alternatively, the CSM handles both bridge- and router-mode traffic in hardware
thanks
please if helpful Rate
07-30-2008 08:24 PM
Its "One Arm-- rightside" Vs "Inline Routed mode -- left side".
In One Arm you need to make sure that return traffic from servers passes through the CSS. Source NAT & PBR are used in these cases.
Default gateway of servers in One ARM mode is the upstream router.VIPs and Real servers can share the same subnet.
In Inline routed mode, CSS is defined as default gateway for the real servers. Vips and Real Servers are on diff subnets.
Syed Iftekhar Ahmed
07-31-2008 12:29 AM
thanks for your explaination! Can you give me know information about: in which circumstance, we should choose "one armed" or "in-line " mode?
07-31-2008 12:40 AM
One arm mode is ideal in situations where there is an existing Infrastructure and you do not want to make any changes to the network. Another
advantage is that Non-LB traffic (Which could be huge like backups) doesnt passes through CSS thus leaving high throughput for LB traffic. One disadvantage is that if your real servers will see all traffic sourced from CSS ip (If you are using source NAt).
In routed mode all traffic to reals (Non LB & Load balanced) traffic passes through the CSS.
It can provide extra security as you can hide the Reals behind the CSS.
07-31-2008 04:32 AM
i would like to add one more mode that might be useful which is relate to the left one
in addition to be in a routed-mode it can be configured in brige-mode
in this case the server default gateway will be the router not the CSS
To configure your CSS in bridge mode, you simply configure your client and server VLANs with the same VLAN number. You must also configure the client and server subnets as the same
also this note from cisco press very helpful:
Because the CSS handles bridged packets in software, unless absolutely necessary, you should avoid configuring your CSS in bridge mode. Instead, you should configure your CSS in router mode, where packets are processed in hardware. Alternatively, the CSM handles both bridge- and router-mode traffic in hardware
thanks
please if helpful Rate
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide