IOS SLB Route Health Injection

stevek1
Level 1

Hi,

Some advice with RHI please...

Reference this URL...

http://www.cisco.com/en/US/products/sw/iosswrel/ps1833/products_feature_guide09186a0080208123.html#wp2144748

I am trying to set up a scenario similar to figure 18. Difference is that I have the WAN router connected only to site with SLB A and traffic to site with SLB B must traverse the SLB A MSFC2 before being routed to site B. My real server at Site B is layer 1 disconnected in normal operation. When my real server fails at site A, real server B gets connected (manually) and now all network routers gain knowledge of the route to the virtual server IP at site B via EIGRP as expected. So far so good. The problem is that when a packet destined for the virtual IP arrives at the SLB A MSFC2, the packet is routed to the SLB A virtual IP the same as it was when the SLB A real server was online. This is because the vserver is still considered to be OPERATIONAL even though the real server is in the PROBE_FAILED state. So is there a way to have SLB A declare the vserver as something other than OPERATIONAL when the probe notices that the real is down so that SLB A MSFC2 forwards packets destined for the virtual address to site B? Configs attached...

Debug shows that:

SLB A real is down...PROBE_FAILED

SLB B real is up...OPERATIONAL

A remote client ping is still being seen in SLB A debug.

The route to the virtual address is injected into EIGRP as expected by SLB B MSFC2.

Any help appreciated.

4 Replies

Gilles Dufour
Cisco Employee

You have the command that you need already - advertise active.

So, could you give us output of

- show ip slb vser

- sho ip slb real

so we can see the status of both.

Regards,

Gilles.

Thanks for your time Gilles,

I've attached some log output from SLB A and B switches which includes the commands you requested + some debug and routing tables etc. As you can see, the route is learned by SLB A from SLB B via EIGRP but the SLB A switch still takes packets destined for the vserver address. Also attached the view from the remote client perspective.

Many thanks, SteveK.

Hi Gilles,

This is a thread I had going a couple of years ago. Basically, the requirement was to achieve live failover of an IP network between 2 Datacentres. I tried to do this on a pair of 6509s using IOS SLB with RHI. The problem was that although the configuration ensured the standby network was made available on the loss of probe when the primary network failed, the primary network was still considered available locally for users at the primary site.

In order that I can get an up to date appraisal from you as an expert in this area, could you pls advise the best practice way to achieve this requirement, given the current topology (now have 6513s) as depicted in the attached block diagram? Would the IOS SLB with RHI work now or do I need CSMs in the 6513s? Pls point me to any additional hardware/software to meet this need.

Thanks in advance...Steve.

Hello SteveK

If your local users' subnet is using a default gateway on the same C6500, the real IP subnet will always be available for them. The probe could be failed for one IP address (your server), but the subnet will still be available via the C6500 L3 address (used as a gate for all the servers).

The virtual IP availability is another case. These addresses are injected with mask /32 from your C6500, but if on the same device you have some summarizations, the advertised IP will become an advertised subnet, and this subnet will be available since at least one of its addresses is advertised. In this case your server will be down, intercepted by the probe, and the route injection stopped by the "advertise active" statement, but the subnet will still be present in the routing table...

These two examples are just a part of many possibilities, but without more network design details and routing information it is difficult to guess the right direction.

However, the thread is 4 years old and I was just curious to know if you found the solution...

Greetings,

Alex
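
Added example, not part of the thread or of any poster's configuration: a small Python model of the summarization case described in the last reply, showing where a remote router sends traffic for the virtual IP once the /32 host route is withdrawn. All addresses, site names and function names are constructed for illustration, and the model assumes plain longest-prefix-match forwarding with no metrics.

```python
import ipaddress

VIP = "192.0.2.10"        # constructed virtual server address
OTHER = "192.0.2.20/32"   # constructed: a second, healthy address in the same subnet

def advertised(components, summary=None):
    """Prefixes a site sends to its neighbours. With a summary configured,
    component routes inside it are suppressed and the summary is sent for as
    long as at least one of them exists."""
    nets = [ipaddress.ip_network(c) for c in components]
    if summary is None:
        return {str(n) for n in nets}
    agg = ipaddress.ip_network(summary)
    out = {str(n) for n in nets if not n.subnet_of(agg)}
    if any(n.subnet_of(agg) for n in nets):
        out.add(str(agg))
    return out

def lookup(table, dst):
    """Longest-prefix match over {prefix: next_hop}; None when nothing matches."""
    addr = ipaddress.ip_address(dst)
    hits = [ipaddress.ip_network(p) for p in table
            if addr in ipaddress.ip_network(p)]
    if not hits:
        return None
    best = max(hits, key=lambda n: n.prefixlen)
    return table[str(best)]

def next_hop_for_vip(site_a_routes, site_a_summary=None, site_b_routes=()):
    """Where a remote router forwards VIP traffic, given each site's routes."""
    table = {p: "site-A" for p in advertised(site_a_routes, site_a_summary)}
    table.update({p: "site-B" for p in advertised(site_b_routes)})
    return lookup(table, VIP)

if __name__ == "__main__":
    vip32 = VIP + "/32"
    print("healthy:", next_hop_for_vip([vip32, OTHER]))
    print("VIP withdrawn, no summary:", next_hop_for_vip([OTHER]))
    print("VIP withdrawn, summary at A:",
          next_hop_for_vip([OTHER], "192.0.2.0/24"))
    print("VIP withdrawn, summary at A, /32 from B:",
          next_hop_for_vip([OTHER], "192.0.2.0/24", [vip32]))
```

In this model the summary keeps attracting VIP traffic to site A after the host route is withdrawn, unless another site advertises the more specific /32.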