12-06-2007 09:44 AM
Hello all,
I've been given the task of setting up new rules for load balancing FTP servers. These servers will be available internally as well as externally to our network. We do a great deal of business critical FTP transfers among our customers. So the plan is to place multiple (at least two for now) FTP servers with a backend shared storage resource. I've configured a simple L3 rule to do this:
content FTP_DMZ
protocol tcp
add service FTP_DMZ
advanced-balance sticky-srcip
vip address 192.168.66.23
port 21
active
But the FTP session does not reach the server. I can FTP to the real address of the server through the LB (a 11501 running 8.10.4.01). I cannot to the VIP.
Any help? I have tried the APP FTP-CONTROL, but that does not change the situation.
Thanks in advance for any input.
Jim
12-06-2007 10:31 AM
You are missing two things
1. you need to define a group
2. application ftp-control command under content rule.
More details at
HTH
Syed Iftekhar Ahmed
12-06-2007 11:13 AM
Syed,
I am not new to Loadbalancers. I do have my services and group defined. And as I stated, I have tried the APP FTP-CONTROL and it had no affect. Along with enabling APPLICATION globally.
Thanks for the reply.
Jim
01-03-2008 07:44 AM
Are you doing Passive transfers? The reason I ask is that I have a TAC case open for a similar problem. As far as I understand the CSS is supposed to intercept/rewrite the data returned to the client in response to the passive command. In my situation, tcpdumps show the real IP of the server coming back to the client which isn't accessible directly. I still don't have a solution from Cisco Tac. If they fix my issue, I'll post here.
-Bob
01-03-2008 08:24 AM
Bob,
Thanks, yes they are passive mode. Anything you find out will be appreciated.
Jim
01-03-2008 11:28 AM
Bob & Jim,
I ran across this Technote and thought it could be of some assistance http://www.cisco.com/en/US/partner/products/hw/contnetw/ps789/products_tech_note09186a0080093de6.shtml
- Chris
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide