cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
680
Views
0
Helpful
5
Replies

CSS Load Balencing issue on UDP Ports

avinash.juvekar
Level 1
Level 1

Hi,

I need to do load balancing of 2 servers which are in LAN over UDP 1024 port.

I need following.

1. Server should be load balanced on UDP port 1024. VIP is 172.24.7.48

2. When connection initiating from internet Clients for website request should take return path through CSS(same path as incomming).

3. When server initiating connections to client(outbound connect from CSS) it should reflect VIP 172.24.7.48 not any other ip.

4. Can i do Source group and destination group together for same services?

5. any additional setting reuired for UDP port load balancing?

LAN servers: 172.24.6.17 & 172.24.6.72

DMZ VIP: 172.24.7.48

======

attached in the config.

Thanks.

5 Replies 5

Daniel Arrondo Ostiz
Cisco Employee
Cisco Employee

Hi Avinash,

Your configuration looks fine.

To answer your question regarding the groups, yes, it's possible to add services and destination services in the same group, however it's not a common approach. In your group configuration, you are natting to the VIP address (which is fine for traffic initiated from the server), but for client-initiated traffic most people instead prefer to NAT to an IP address in the server vlan. This way, the default gateway on the servers doesn't need to be modified (the servers see the request as coming from their own vlan so the gateway is not used)

Regards

Daniel

Hi Daniel,

Thanks for response.

If I use the source group IP from the LAN pool(server pool) , then the server initiated traffic towards internet client will not take VIP of the content rule.

My CSS ip and server gateways are different.

1. I need, when the request initiated by server farm, it should go out with ip of 172.24.7.48. if i use LAN pool ip then outgoing request will go with that ip.

2. How to configure source group and destination group togetherly. can you please give code related to my config?

Rgds,

Avinash

Hi Avinash,

What I meant was having two separate groups, one for server-initiated traffc and one for client-initiated. The configuration would be the one below:

group Telematics_server_initiated

  add service Telematics1

  add service Telematics2

  vip address 172.24.7.48

  active

group Telematics_client_initiated

  add destination service Telematics1

  add destination service Telematics2

  vip address 172.24.6.XX

  active

Daniel

Hi Daniel,

This i have already tried, but gives error when createing the destination groups that "Telematics 1 services already in use in source group"

Rgds,

Avinash

Hi Avinash,

You are right, you cannot use the same service name in more than one group. Anyway, the solution is easy, you can configure a new service with the same IP address and use it for the server_initiated group (it's better to keep for the client-initiated one the services with the same name as in the content rule)

Daniel

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: