Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
829
Views
0
Helpful
2
Replies

Loadbalancer ACE4710 NAT

Go to solution
jkwakman
Level 1
Level 1

‎05-19-2011 04:44 AM

I'm having difficulties with a new loadbalncer setup.

The load balancer is implemented on one logical segment , ip range 172.16.211.0/24

Both sources and destinations (clients and servers) are on this segment.

Traffic from source to destination , and visa versa, need to go via the loadbalancer.

No "direct server return" is permitted here, this is not supported on the servers (appliances)

How can I perform that do I have to use source NAT here, if yes How do I implement this?

See the config below which I have at this moment

interface vlan 211
  ip address 172.16.211.121 255.255.255.0
  service-policy input int211

policy-map multi-match int211
  class VS-DRM-NVCAS1772
    loadbalance vip inservice
    loadbalance policy VS-DRM-NVCAS-l7slb-1772

class-map match-all VS-DRM-NVCAS1772
  2 match virtual-address 172.16.211.18 tcp eq 1772

policy-map type loadbalance first-match VS-DRM-NVCAS-l7slb-1772
  class class-default
    serverfarm SF-DRM-NVCAS1772

serverfarm host SF-DRM-NVCAS1772
  predictor leastconns
  probe VRA-1772
  rserver RS-DRM-NVCAS1 1772
    inservice
  rserver RS-DRM-NVCAS2 1772
    inservice

rserver host RS-DRM-NVCAS1
  ip address 172.16.211.42
  probe VCA-12695
  probe VRA-1772
  probe VSS-12693
  inservice
rserver host RS-DRM-NVCAS2
  ip address 172.16.211.43
  probe VCA-12695
  probe VRA-1772
  probe VSS-12693
  inservice

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
sivaksiv
Cisco Employee
Cisco Employee

‎05-19-2011 05:19 AM

Hi,

Refer the doc below. The same is documented here with sample config.

http://docwiki.cisco.com/wiki/Basic_Load_Balancing_Using_One_Arm_Mode_with_Source_NAT_on_the_Cisco_Application_Control_Engine_Configuration_Example

For your setup:

interface vlan 211
  ip address 172.16.211.121 255.255.255.0
  service-policy input int211

  nat-pool 5 172.16.211.x 172.16.211.y netmask 255.255.255.0 pat

policy-map multi-match int211
  class VS-DRM-NVCAS1772
    loadbalance vip inservice
    loadbalance policy VS-DRM-NVCAS-l7slb-1772

  nat dynamic 5 vlan 211

-

Siva

View solution in original post

0 Helpful
2 Replies 2

Go to solution
sivaksiv
Cisco Employee
Cisco Employee

‎05-19-2011 05:19 AM

Hi,

Refer the doc below. The same is documented here with sample config.

http://docwiki.cisco.com/wiki/Basic_Load_Balancing_Using_One_Arm_Mode_with_Source_NAT_on_the_Cisco_Application_Control_Engine_Configuration_Example

For your setup:

interface vlan 211
  ip address 172.16.211.121 255.255.255.0
  service-policy input int211

  nat-pool 5 172.16.211.x 172.16.211.y netmask 255.255.255.0 pat

policy-map multi-match int211
  class VS-DRM-NVCAS1772
    loadbalance vip inservice
    loadbalance policy VS-DRM-NVCAS-l7slb-1772

  nat dynamic 5 vlan 211

-

Siva

0 Helpful

Go to solution
Jorge Bejarano
Level 4
Level 4
In response to sivaksiv

‎05-23-2011 09:30 PM

Siva is right.

Additionally, Here you have another document:

http://www.cisco.com/en/US/products/hw/modules/ps2706/products_configuration_example09186a00809c3041.shtml

Natpool would do the trick

Jorge Bejarano

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card