04-03-2011 06:46 AM
I am new to CSS. I have a CSS 1150 with IOS 7.3. I want to load balance two servers, 192.168.210.55 and 192.168.210.56, on port 80.
My CSS is connected in a single-arm configuration. The core switch is doing the inter-VLAN routing and the CSS is connected to a VLAN 200 access port.
Servers and CSS are connected to same Layer 3 switch.
CSS is in VLAN 200 (192.168.200.10)
Servers are in VLAN 210
Below is the configuration of my CSS
================================================================================
CSS11501(config)# show run
!Generated on 04/03/2011 16:47:41
!Active version: sg0730106
configure
!*************************** GLOBAL ***************************
username net des-password xxxxxx superuser
logging subsystem flowmgr level debug-7
logging disk log.log
ip route 0.0.0.0 0.0.0.0 192.168.200.1 1
!************************* INTERFACE *************************
interface e1
phy 100Mbits-FD
bridge port-fast enable
bridge vlan 2
interface e2
bridge vlan 2
bridge port-fast enable
phy 100Mbits-FD
interface e4
bridge port-fast enable
phy 100Mbits-FD
interface e8
bridge port-fast enable
phy 100Mbits-FD
!************************** CIRCUIT **************************
circuit VLAN1
ip address 192.168.200.10 255.255.255.0
!************************** SERVICE **************************
service Citrix_Xenapp
ip address 192.168.210.55
keepalive port 80
active
service Citrix_Xenapp_2
ip address 192.168.210.56
keepalive port 80
active
!*************************** OWNER ***************************
owner ENOC_Citrix_XENAPP
content Citrix_XENAPP
add service Citrix_Xenapp
add service Citrix_Xenapp_2
vip address 192.168.200.52
protocol tcp
port 80
active
CSS11501(config)# show service
Services (3 entries):
Name: Citrix_Xenapp Index: 0
Type: Local State: Alive
Rule ( 192.168.210.55 ANY ANY )
Session Redundancy: Disabled
Redirect Domain:
Redirect String:
Keepalive: (ICMP 5 3 5 )
Last Clearing of Stats Counters: 04/03/2011 16:38:49
Mtu: 1500 State Transitions: 14
Total Local Connections: 0 Total Backup Connections: 0
Current Local Connections: 0 Current Backup Connections: 0
Total Connections: 0 Max Connections: 65534
Total Reused Conns: 0
Weight: 1 Load: 2
DFP: Disable
Name: Citrix_Xenapp_2 Index: 6
Type: Local State: Alive
Rule ( 192.168.210.56 ANY ANY )
Session Redundancy: Disabled
Redirect Domain:
Redirect String:
Keepalive: (ICMP 5 3 5 )
Last Clearing of Stats Counters: 04/03/2011 16:39:40
Mtu: 1500 State Transitions: 12
Total Local Connections: 1 Total Backup Connections: 0
Current Local Connections: 0 Current Backup Connections: 0
Total Connections: 1 Max Connections: 65534
Total Reused Conns: 0
Weight: 1 Load: 2
DFP: Disable
CSS11501(config)# sh version
Version: sg0730106 (07.30.1.06)
Flash (Locked): 07.20.2.06
Flash (Operational): 07.30.1.06
Type: PRIMARY
Licensed Cmd Set(s): Standard Feature Set
CSS11501(config)# sh run
!Generated on 04/03/2011 17:39:46
!Active version: sg0730106
configure
!*************************** GLOBAL ***************************
username net des-password xxxxx superuser
logging subsystem flowmgr level debug-7
logging disk log.log
ip route 0.0.0.0 0.0.0.0 192.168.200.1 1
!************************* INTERFACE *************************
interface e1
phy 100Mbits-FD
bridge port-fast enable
bridge vlan 2
interface e2
bridge vlan 2
bridge port-fast enable
phy 100Mbits-FD
interface e4
bridge port-fast enable
phy 100Mbits-FD
interface e8
bridge port-fast enable
phy 100Mbits-FD
!************************** CIRCUIT **************************
circuit VLAN1
ip address 192.168.200.10 255.255.255.0
!************************** SERVICE **************************
service Citrix_Xenapp
ip address 192.168.210.55
keepalive port 80
active
service Citrix_Xenapp_2
ip address 192.168.210.56
keepalive port 80
active
!*************************** OWNER ***************************
owner ENOC_Citrix_XENAPP
content Citrix_XENAPP
add service Citrix_Xenapp
add service Citrix_Xenapp_2
vip address 192.168.200.52
protocol tcp
port 80
active
CSS11501(config)# show service
Services (3 entries):
Name: Citrix_Xenapp Index: 0
Type: Local State: Alive
Rule ( 192.168.210.55 ANY ANY )
Session Redundancy: Disabled
Redirect Domain:
Redirect String:
Keepalive: (ICMP 5 3 5 )
Last Clearing of Stats Counters: 04/03/2011 16:38:49
Mtu: 1500 State Transitions: 14
Total Local Connections: 0 Total Backup Connections: 0
Current Local Connections: 0 Current Backup Connections: 0
Total Connections: 0 Max Connections: 65534
Total Reused Conns: 0
Weight: 1 Load: 2
DFP: Disable
Name: Citrix_Xenapp_2 Index: 6
Type: Local State: Alive
Rule ( 192.168.210.56 ANY ANY )
Session Redundancy: Disabled
Redirect Domain:
Redirect String:
Keepalive: (ICMP 5 3 5 )
Last Clearing of Stats Counters: 04/03/2011 16:39:40
Mtu: 1500 State Transitions: 12
Total Local Connections: 1 Total Backup Connections: 0
Current Local Connections: 0 Current Backup Connections: 0
Total Connections: 1 Max Connections: 65534
Total Reused Conns: 0
Weight: 1 Load: 2
DFP: Disable
CSS11501(config)# show content
Content Database:
Pieces of content for module: 1
-----------------------------------
Total Content: 56
CSS11501(config)# show owner
Owner Configuration:
Name: ENOC_Citrix_XENAPP
Billing Info:
Address:
Email Address:
DNS Policy: none
Case Matching: Insensitive
CSS11501(config)# show owner ?
<cr> Execute command
ENOC_Citrix_XENAPP
CSS11501(config)# show owner ENOC_Citrix_XENAPP ?
<cr> Execute command
statistics Show owner statistical information
CSS11501(config)# show owner ENOC_Citrix_XENAPP
Owner Configuration:
Name: ENOC_Citrix_XENAPP
Billing Info:
Address:
Email Address:
DNS Policy: none
Case Matching: Insensitive
CSS11501(config)# show owner ENOC_Citrix_XENAPP statistics
Owner Statistics for <ENOC_Citrix_XENAPP>:
DNS Policy: None Case Sensitivity: Off
Hits: 1 Reject Overload: 0
Bytes: 52 Reject No Services 0
Frames: 1 Drops 0
Redirects 0 NAT Translations: 0
Spoofs: 0
CSS11501(config)#
The load balancing IP is 192.168.200.52, but I can't ping this virtual IP and can't telnet to port 80 on this IP address.
CSS11501(config)# ping 192.168.205.55
Pinging 192.168.205.55 1 time(s)...
Working(-) 0/1
0% Success.
%% Ping Failure
CSS11501(config)# ping 192.168.210.55
Pinging 192.168.210.55 1 time(s)...
Working(-) 1/1
100% Success.
CSS11501(config)# ping 192.168.210.56
Pinging 192.168.210.56 1 time(s)...
Working(-) 1/1
100% Success.
CSS11501(config)# ping 192.168.210.1
Pinging 192.168.210.1 1 time(s)...
Working(-) 1/1
100% Success.
CSS11501(config)# ping 192.168.200.1
Pinging 192.168.200.1 1 time(s)...
Working(-) 1/1
100% Success.
Network connectivity is there. Please let me know what I am missing and how to solve this problem.
Thanks in advance.
04-04-2011 04:28 AM
Dear All,
Can anybody help me out?
04-04-2011 08:13 AM
Hello,
Your servers are on VLAN 210? Sounds like traffic isn't being sent symmetrically back through the CSS. You can implement what is called source NAT, which enables the CSS to forward the traffic with the source IP and MAC address of an IP defined in a NAT configuration on the CSS. This will force traffic back through the ACE.
In addition, if you have the CSS in one-arm mode, you will require policy-based routing to catch both client-side and server-side traffic and set the IP next hop to the appropriate IP on the CSS (VRRP address).
To configure source nat you can refer to the following:
Here is an example of configuring a CSS in one arm mode:
http://www.cisco.com/image/gif/paws/49841/css_asr_config.pdf
And one more thing.. You may want to consider upgrading your WebNS from 7.30 to 8.20x.. 7.30 is EOS.
Thanks.
Stephen McCabe
04-04-2011 12:03 PM
Thanks for the reply, but I have modified my configuration. Now I am load balancing VLAN 200 servers, where the CSS is also located in the same VLAN. Attached is the updated configuration.
I can only ping the VIP but am not able to telnet to the VIP (192.168.200.65 80).
configure
!*************************** GLOBAL ***************************
username net des-password net@dmin superuser
no restrict web-mgmt
logging subsystem flowmgr level debug-7
logging disk log.log
ip route 0.0.0.0 0.0.0.0 192.168.200.1 1
!************************* INTERFACE *************************
interface e1
phy 100Mbits-FD
bridge port-fast enable
bridge vlan 2
interface e2
bridge vlan 2
bridge port-fast enable
phy 100Mbits-FD
interface e4
bridge port-fast enable
phy 100Mbits-FD
interface e8
bridge port-fast enable
phy 100Mbits-FD
!************************** CIRCUIT **************************
circuit VLAN1
ip address 192.168.200.10 255.255.255.0
!************************** SERVICE **************************
service Citrix_Xenapp
ip address 192.168.210.55
keepalive port 80
active
service Citrix_Xenapp_2
ip address 192.168.210.56
keepalive port 80
active
service ENOC_EFAX_1
ip address 192.168.200.66
keepalive type none
protocol tcp
port 80
active
service ENOC_EFAX_2
ip address 192.168.200.67
keepalive type none
port 80
protocol tcp
active
!*************************** OWNER ***************************
owner ENOC_Citrix_XENAPP
content Citrix_XENAPP
add service Citrix_Xenapp
add service Citrix_Xenapp_2
vip address 192.168.200.52
protocol tcp
port 80
active
owner ENOC_EFAX
content EFAX
add service ENOC_EFAX_2
add service ENOC_EFAX_1
vip address 192.168.200.65
protocol tcp
port 80
active
!*************************** GROUP ***************************
group EFAX
vip address 192.168.200.65
add service ENOC_EFAX_1
add service ENOC_EFAX_2
active
=====================
CSS11501(config)# show flow
flow-timeout Display flow-timeout values.
flows Show flow summary information
CSS11501(config)# show flow 0.0.0.0
^
%% Invalid input detected at '^' marker.
CSS11501(config)# show flows 0.0.0.0
--------------- ----- --------------- ----- --------------- --- ------- ------
Src Address SPort Dst Address DPort NAT Dst Address Prt InPort OutPort
--------------- ----- --------------- ----- --------------- --- ------- ------
192.168.80.89 4567 192.168.200.65 80 192.168.200.67 TCP e8 e8
192.168.200.67 80 192.168.80.89 4567 192.168.80.89 TCP e8 e8
192.168.80.89 2474 192.168.200.10 23 0.0.0.0 TCP e8 Ipv4
CSS11501(config)# show service
Services (5 entries):
Name: Citrix_Xenapp Index: 0
Type: Local State: Alive
Rule ( 192.168.210.55 ANY ANY )
Session Redundancy: Disabled
Redirect Domain:
Redirect String:
Keepalive: (ICMP 5 3 5 )
Last Clearing of Stats Counters: 04/04/2011 21:57:17
Mtu: 1500 State Transitions: 0
Total Local Connections: 0 Total Backup Connections: 0
Current Local Connections: 0 Current Backup Connections: 0
Total Connections: 0 Max Connections: 65534
Total Reused Conns: 0
Weight: 1 Load: 2
DFP: Disable
Name: Citrix_Xenapp_2 Index: 6
Type: Local State: Alive
Rule ( 192.168.210.56 ANY ANY )
Session Redundancy: Disabled
Redirect Domain:
Redirect String:
Keepalive: (ICMP 5 3 5 )
Last Clearing of Stats Counters: 04/04/2011 21:57:17
Mtu: 1500 State Transitions: 0
Total Local Connections: 0 Total Backup Connections: 0
Current Local Connections: 0 Current Backup Connections: 0
Total Connections: 0 Max Connections: 65534
Total Reused Conns: 0
Weight: 1 Load: 2
DFP: Disable
Name: ENOC_EFAX_1 Index: 1
Type: Local State: Alive
Rule ( 192.168.200.66 TCP 80 )
Session Redundancy: Disabled
Redirect Domain:
Redirect String:
Keepalive: (NONE 5 3 5 )
Last Clearing of Stats Counters: 04/04/2011 21:57:17
Mtu: 1500 State Transitions: 0
Total Local Connections: 1 Total Backup Connections: 0
Current Local Connections: 0 Current Backup Connections: 0
Total Connections: 1 Max Connections: 65534
Total Reused Conns: 0
Weight: 1 Load: 2
DFP: Disable
Name: ENOC_EFAX_2 Index: 2
Type: Local State: Alive
Rule ( 192.168.200.67 TCP 80 )
Session Redundancy: Disabled
Redirect Domain:
Redirect String:
Keepalive: (NONE 5 3 5 )
Last Clearing of Stats Counters: 04/04/2011 21:57:17
Mtu: 1500 State Transitions: 0
Total Local Connections: 2 Total Backup Connections: 0
Current Local Connections: 1 Current Backup Connections: 0
Total Connections: 2 Max Connections: 65534
Total Reused Conns: 0
Weight: 1 Load: 2
DFP: Disable
CSS11501(config)# show service summary
Service Name State Conn Weight Avg State
Load Transitions
Citrix_Xenapp Alive 0 1 2 0
Citrix_Xenapp_2 Alive 0 1 2 0
ENOC_EFAX_1 Alive 0 1 2 0
ENOC_EFAX_2 Alive 1 1 2 0
CSS11501(config)# show rule
Content Rules:
/////
\\\///
///\\\ The Duke of Url.
{ O--O }
/ /\ \
\ -- /
[||]
>>>>>>>>
Name: EFAX Owner: ENOC_EFAX
State: Active Type: HTTP
Balance: Round Robin Failover: N/A
Persistence: Enabled Param-Bypass: Disabled
Session Redundancy: Disabled
IP Redundancy: Not Redundant
L3: 192.168.200.65
L4: TCP/80
Url:
Redirect: ""
TCP RST client if service unreachable: Disabled
Rule Services & Weights:
1: ENOC_EFAX_1-Alive, S-1
2: ENOC_EFAX_2-Alive, S-1
>>>>>>>>
Name: Citrix_XENAPP Owner: ENOC_Citrix_XENAPP
State: Active Type: HTTP
Balance: Round Robin Failover: N/A
Persistence: Enabled Param-Bypass: Disabled
Session Redundancy: Disabled
IP Redundancy: Not Redundant
L3: 192.168.200.52
L4: TCP/80
Url:
Redirect: ""
TCP RST client if service unreachable: Disabled
Rule Services & Weights:
1: Citrix_Xenapp-Alive, S-1
2: Citrix_Xenapp_2-Alive, S-1
CSS11501(config)# show content
Content Database:
Pieces of content for module: 1
-----------------------------------
Total Content: 56
CSS11501(config)# show owner
Owner Configuration:
Name: ENOC_EFAX
Billing Info:
Address:
Email Address:
DNS Policy: none
Case Matching: Insensitive
Name: ENOC_Citrix_XENAPP
Billing Info:
Address:
Email Address:
DNS Policy: none
Case Matching: Insensitive
CSS11501(config)#
Please let me know what I am missing and also one link is not working.
To configure source nat you can refer to the following:
04-04-2011 12:15 PM
Since you are sourcing the connections from the client side you need to add the services under the source group as destination services:
For example:
add destination service ENOC_EFAX_1
add destination service ENOC_EFAX_2
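The check described in the replies above (every load-balanced service should be listed as a destination service in a source group, and servers outside the CSS circuit subnet are the ones most likely to return traffic asymmetrically) can be automated against a saved running-config. This is an added example, not part of the original posts and not Cisco code; the sample configuration is constructed from the style shown in this thread, and the parser only understands the keywords that appear in it.

```python
import ipaddress

# Constructed sample, trimmed from the configuration style posted in this thread.
SAMPLE = """
circuit VLAN1
  ip address 192.168.200.10 255.255.255.0
service Citrix_Xenapp
  ip address 192.168.210.55
service ENOC_EFAX_1
  ip address 192.168.200.66
service ENOC_EFAX_2
  ip address 192.168.200.67
owner ENOC_Citrix_XENAPP
  content Citrix_XENAPP
    add service Citrix_Xenapp
    vip address 192.168.200.52
owner ENOC_EFAX
  content EFAX
    add service ENOC_EFAX_1
    add service ENOC_EFAX_2
    vip address 192.168.200.65
group EFAX
  vip address 192.168.200.65
  add service ENOC_EFAX_1
  add destination service ENOC_EFAX_2
"""

def parse(config):
    """Collect circuit subnets, service IPs, content-rule members and NAT destinations."""
    nets, svc_ip, rules, nat_dest = [], {}, {}, set()
    kind = name = None
    for line in config.splitlines():
        words = line.split()
        if not words or words[0].startswith("!"):
            continue  # blank line or "!" comment/banner line
        if words[0] in ("interface", "circuit", "service", "owner", "content", "group") and len(words) == 2:
            kind, name = words  # entering a new configuration section
            if kind == "content":
                rules[name] = []
        elif words[:2] == ["ip", "address"] and kind == "circuit":
            nets.append(ipaddress.ip_network(f"{words[2]}/{words[3]}", strict=False))
        elif words[:2] == ["ip", "address"] and kind == "service":
            svc_ip[name] = ipaddress.ip_address(words[2])
        elif words[:2] == ["add", "service"] and kind == "content":
            rules[name].append(words[2])
        elif words[:3] == ["add", "destination", "service"] and kind == "group":
            nat_dest.add(words[3])
    return nets, svc_ip, rules, nat_dest

def audit(config):
    """Return sorted (rule, service, issue) findings for a one-armed CSS."""
    nets, svc_ip, rules, nat_dest = parse(config)
    findings = []
    for rule, members in rules.items():
        for svc in members:
            if svc not in nat_dest:
                findings.append((rule, svc, "not a destination service in any source group"))
            if svc in svc_ip and not any(svc_ip[svc] in net for net in nets):
                findings.append((rule, svc, "server is outside every circuit subnet"))
    return sorted(findings)

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```
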
04-04-2011 12:29 PM
Thanks for the prompt reply. Do I need to bridge my CSS e8 interface in VLAN 200, where the servers are located? Currently the port where the CSS is connected is an access port for VLAN 200.
CSS11501(config)# show circuits
Operational
Circuit name Circuit State IP Address Interface(s) Status
------------ ------------- --------------- ------------ ------------
VLAN1 active-ipEnabled 192.168.200.10 e8 Up
Now how can I load balance my other servers located in different VLANs? The link you sent me is not working. Do I need to create a trunk port etc. in order to communicate with multiple VLANs?
04-04-2011 12:53 PM
Yes.. I assumed that was in there.. You will need to setup either a trunked interface or have two L3 interfaces in each VLAN 200/201.. That will fix the issue.
04-05-2011 01:54 AM
I tried configuring the trunk port but I am not able to do this. After making the trunk I can't ping or access the CSS, though the port on the core switch is showing up. I want to load balance servers located in VLAN 200 and VLAN 3.
The following is the config that I am doing on the core switch as well as on the content switch.
ENOCDC_CORE02#sh running-config interface gigabitEthernet 2/7
Building configuration...
Current configuration : 140 bytes
!
interface GigabitEthernet2/7
description connected to the ENOC_CSS
switchport
switchport mode trunk
no ip address
end
CSS11501(config)# sh trunk
Port VLAN Default VLAN
---- ---- ------------
e7 VLAN3 None
VLAN200
CSS11501(config)# sh run
!Generated on 04/05/2011 11:43:01
!Active version: sg0730106
configure
!*************************** GLOBAL ***************************
username net des-password net@dmin superuser
no restrict web-mgmt
logging subsystem flowmgr level debug-7
logging disk log.log
ip route 0.0.0.0 0.0.0.0 192.168.200.1 1
!************************* INTERFACE *************************
interface e1
phy 100Mbits-FD
bridge port-fast enable
bridge vlan 2
interface e2
bridge vlan 2
bridge port-fast enable
phy 100Mbits-FD
interface e4
bridge port-fast enable
phy 100Mbits-FD
interface e7
trunk
vlan 3
vlan 200
interface e8
bridge port-fast enable
phy 100Mbits-FD
!************************** CIRCUIT **************************
circuit VLAN1
ip address 192.168.200.10 255.255.255.0
!************************** SERVICE **************************
service Citrix_Xenapp
ip address 192.168.210.55
keepalive port 80
active
service Citrix_Xenapp_2
ip address 192.168.210.56
keepalive port 80
active
service ENOC_EFAX_1
ip address 192.168.200.66
keepalive type none
protocol tcp
port 80
active
service ENOC_EFAX_2
ip address 192.168.200.67
keepalive type none
port 80
protocol tcp
active
!*************************** OWNER ***************************
owner ENOC_Citrix_XENAPP
content Citrix_XENAPP
add service Citrix_Xenapp
add service Citrix_Xenapp_2
vip address 192.168.200.52
protocol tcp
port 80
active
owner ENOC_EFAX
content EFAX
add service ENOC_EFAX_2
add service ENOC_EFAX_1
vip address 192.168.200.65
protocol tcp
port 80
active
!*************************** GROUP ***************************
group EFAX
vip address 192.168.200.65
add service ENOC_EFAX_1
add service ENOC_EFAX_2
active
CSS11501(config)# show circuits
Operational
Circuit name Circuit State IP Address Interface(s) Status
------------ ------------- --------------- ------------ ------------
VLAN1 down-ipEnabled --
VLAN2 down-ipDisabled --
VLAN3 down-ipDisabled --
VLAN200 down-ipDisabled --
CSS11501(config)# show bridge ?
forwarding Bridge Forwarding Table
port-fast Bridge port-fast state
status Bridge spanning-tree status
CSS11501(config)# show bridge status
VLAN1 STP State: Enabled
VLAN1: Root Max Age: 6 Root Hello Time: 1 Root Fwd Delay: 4
Designated Root: 80-00-00-0e-d7-93-5e-74
Bridge ID: 80-00-00-0e-d7-93-5e-74
Root Port Desg
Port State Designated Bridge Designated Root Cost Cost Port
---- ----- ----------------------- ----------------------- ---- ---- ----
VLAN2 STP State: Enabled
VLAN2: Root Max Age: 6 Root Hello Time: 1 Root Fwd Delay: 4
Designated Root: 80-00-00-0e-d7-93-5e-75
Bridge ID: 80-00-00-0e-d7-93-5e-75
Root Port Desg
Port State Designated Bridge Designated Root Cost Cost Port
---- ----- ----------------------- ----------------------- ---- ---- ----
VLAN3 STP State: Enabled
VLAN3: Root Max Age: 6 Root Hello Time: 1 Root Fwd Delay: 4
Designated Root: 80-00-00-0e-d7-93-5e-77
Bridge ID: 80-00-00-0e-d7-93-5e-77
Root Port Desg
Port State Designated Bridge Designated Root Cost Cost Port
---- ----- ----------------------- ----------------------- ---- ---- ----
e7-3 Dis 00-00-00-00-00-00-00-00 00-00-00-00-00-00-00-00 0 19 0000
VLAN200 STP State: Enabled
VLAN200: Root Max Age: 6 Root Hello Time: 1 Root Fwd Delay: 4
Designated Root: 80-00-00-0e-d7-93-5e-76
Bridge ID: 80-00-00-0e-d7-93-5e-76
Root Port Desg
Port State Designated Bridge Designated Root Cost Cost Port
---- ----- ----------------------- ----------------------- ---- ---- ----
e7-200 Dis 00-00-00-00-00-00-00-00 00-00-00-00-00-00-00-00 0 19 0000
CSS11501(config)# show arp
ARP Resolution Table:
IP Address MAC Address Type Port
CSS11501(config)# show arp
ARP Resolution Table:
IP Address MAC Address Type Port
I am following this document for the trunk configuration.
http://www.cisco.com/image/gif/paws/21303/css_dot1q.pdf
Please let me know how to achieve this.
04-05-2011 05:16 AM
Hi,
I tried different combinations of configuration but no luck.
Also, I have a requirement for a server which is communicating on multiple ports (RightFax Server). How can I load balance TCP 80, 443, 15020, 15021 located on the same server?
I can see the range command, but I don't have a range; I have multiple ports.
04-05-2011 08:32 AM
Without seeing your entire configuration of your adjacent router which you are doing some sort of PBR on, the source NAT configuration will allow flows to symmetrically flow through the CSS, and I believe we see that in your output of show flows.
To load balance to different TCP services on the CSS you can do one of two things. You can stand up new VIP addresses (unique IP and port content rules), or you can use the same VIP, just define the same IP under multiple content rules, for example:
owner ENOC_EFAX
content EFAX
add service ENOC_EFAX_2
add service ENOC_EFAX_1
vip address 192.168.200.65
protocol tcp
port 80
active
owner ENOC_EFAX
! content rule names must be unique within an owner, so each port gets its
! own rule name (EFAX_443 and EFAX_15543 are illustrative names)
content EFAX_443
! create corresponding services for these
add service ENOC_EFAX_2_443
add service ENOC_EFAX_1_443
vip address 192.168.200.65
protocol tcp
port 443
active
owner ENOC_EFAX
content EFAX_15543
! create corresponding services for these
add service ENOC_EFAX_2_15543
add service ENOC_EFAX_1_15543
vip address 192.168.200.65
protocol tcp
port 15543
active
04-05-2011 12:58 PM
OK, I will try that, but please let me know why the trunk is not working for me.
I have a core switch 6509 where all VLANs are configured, like VLAN 3 (192.168.210.0) and VLAN 200 (192.168.200.0).
Simple trunk config on switch and CSS; please let me know how to fix it.
Sent from Cisco Technical Support iPhone App
04-05-2011 01:13 PM
You need to have your Circuit in VLAN 200. Otherwise the CSS will not arp out and/or respond to arp broadcasts on vlan 200
04-07-2011 10:35 AM
I tried the following command but I was not able to even ping my gateway.
I removed circuit VLAN1 and created the following config:
circuit VLAN200
ip address 192.168.200.10 255.255.255.0
I have tried multiple options but am unable to configure the trunk with the core switch. I can only load balance servers in VLAN 200 but can't do the same on VLAN 3 and other VLANs.
Please let me know how I can configure the trunk so that I can do the load balancing on other VLANs.