Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1640
Views
0
Helpful
3
Replies

loadbalancing DHCP ?

patrik.spiess
Level 1
Level 1

‎08-26-2011 07:01 AM

Hi all

Has anyone ever sucessfully loadbalanced dhcp with an ACE module?

We use an ACE20-MOD-K9 with version A2(3.5). After I configured a policy which loadbalances everything to one rserver and one standby rserver it seems that it does not work as expected.

config:

probe udp PROBE_7_101_DHCP

  port 67

  interval 10

  passdetect interval 60

  passdetect count 2

rserver host REAL_SERVER_IDDHCP03

  ip address <ip1>

  inservice

rserver host REAL_SERVER_IDDHCP04

  ip address <ip2>

  inservice

serverfarm host SERVERFARM_7_101

  probe PROBE_7_101_DHCP

  rserver REAL_SERVER_IDDHCP03

    backup-rserver REAL_SERVER_IDDHCP04

    inservice

  rserver REAL_SERVER_IDDHCP04

    inservice standby

class-map match-all CLASS_MAP_VIP_7_101

  2 match virtual-address <vip> any

policy-map type loadbalance first-match POLICY_MAP_L7_7_101

  class class-default

    serverfarm SERVERFARM_7_101

policy-map multi-match POLICY_MAP_L3L4_7_101

  class CLASS_MAP_VIP_7_101

    loadbalance vip inservice

    loadbalance policy POLICY_MAP_L7_7_101

    loadbalance vip icmp-reply active

interface vlan 1207

  bridge-group 7

  no normalization

  mac-sticky enable

  no icmp-guard

  service-policy input POLICY_MAP_L3L4_7_101

  no shutdown

interface vlan 1257

  bridge-group 7

  no normalization

  no icmp-guard

  no shutdown

interface bvi 7

  ip address ...

  alias ...

  peer ip address ...

  no shutdown

After some tcpdumping we saw that the dhcp requests gets it's way to the IDDHCP03 which correcty answers with an dhcp offer. But the offer never comes back to the client (which sends it's request over an ASA with a dhcp relay agent configured).

Any ideas?

Should dhcp loadbalancing work with the ACE module? (it just has to loadbalance udp/67 like it does it with every other protocol)

Thanks

Patrik

Labels:
0 Helpful
3 Replies 3

venkatkr
Cisco Employee
Cisco Employee

‎08-26-2011 02:18 PM

HI Patrcik,

This link should answer your question

http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/v3.00_A1/configuration/rtg_brdg/guide/dhcp.html

We dont support DHCP loadbalancing. ACE can act like a DHCP relay. The above link should answer your question.

If not let me know

Thanks

VK

0 Helpful

Ahmad Basel Jaber
Level 1
Level 1
In response to venkatkr

‎08-27-2011 05:41 PM

Hey Patrik,

Can you give more detail about the network topology, including the IP addresses, default gateway on the ASA, ACE and the DHCP server?

Can you share the snifferes you collected?

Looking to the ASA configuration, what is the DHCP server IP address configured within the relay configuration, is it the real DHCP server IP address or the VIP IP on the ACE?

Best regards,

Ahmad

0 Helpful

patrik.spiess
Level 1
Level 1

‎08-30-2011 11:58 PM

Thanks for your answers.

After some more investigation we found that it was not a problem with the ACE. We were not able to see the returning traffic because of our redundancy setup. In fact, I tcpdumped on the wrong wire :-(

And just to confirm: The ACE supports loadbalancing of DHCP. It just has to dispatch udp/67 and udp/68 packets to the coresponding realservers, which almost works as expected.

regards

Patrik

0 Helpful
Customers Also Viewed These Support Documents