Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
607
Views
0
Helpful
3
Replies

multi-bridge ACE enviorenmet

Go to solution
David Martinez Garcia
Level 1
Level 1

‎10-03-2011 09:58 AM

Hi all.

I have an ACE context with many bridges configured, for example:

Bridge 1 with vlans 10 and 20

Bridge 2 with vlans 30 and 40

Vlans 10 and 30 connect to clients and vlans 20 and 40 connect to servers.

Vlans 10 and 30 are transit vlans betwen a FWSM and the ACE. The idea is that every client access the service through the FWSM and the communication between service occurs also through the FWSM.

My question is, what about the default route? I mean, if the IP sunbet for vlans 10 and 20 is 192.168.0.0/24 and the IP subnet for vlans 30 and 40 is 172.16.0.0/24, how can I configure different default routes?

Thank you in advance!

David

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
r-garrison
Level 1
Level 1

‎10-03-2011 10:58 AM

David,

We actually just tested this scenario.  If I am understanding your question correctly, and you are bridging VLAN 10 to VLAN 20, and bridging VLAN 30 to VLAN 40, then you can use the command 'mac-sticky enable' under the appropriate VLAN interfaces within the context you are doing this bridging on.

http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA3_1_0/configuration/routing_bridging/guide/vlansif.html#wp1061115

This will ensure that the ACE is able to reply to connections to VIP's in a predictable manner.  With this setup, a default route is only necessary for management.  So, once this is enabled, you only put in a single default route out of whatever interface you want to use for traffic sourced from the ACE (TFTP, FTP, etc).  Do realize though, that the MAC-sticky command is only valid for traffic originated from clients to the ACE.  If the ACE originates something it will use the default route.

Thanks,

Robby

View solution in original post

0 Helpful

Go to solution
r-garrison
Level 1
Level 1
In response to r-garrison

‎10-05-2011 07:07 AM

David,

It should just be needed on the VLAN's facing the clients in a standard web-server load-balancing scenario (servers connected at layer-2 to the server-side of the ACE, on the same VLAN's as the ACE interfaces).  So put it on VLANs 10 and 30, and you should be good to go.

Thanks,

Robby

View solution in original post

0 Helpful
3 Replies 3

Go to solution
r-garrison
Level 1
Level 1

‎10-03-2011 10:58 AM

David,

We actually just tested this scenario.  If I am understanding your question correctly, and you are bridging VLAN 10 to VLAN 20, and bridging VLAN 30 to VLAN 40, then you can use the command 'mac-sticky enable' under the appropriate VLAN interfaces within the context you are doing this bridging on.

http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA3_1_0/configuration/routing_bridging/guide/vlansif.html#wp1061115

This will ensure that the ACE is able to reply to connections to VIP's in a predictable manner.  With this setup, a default route is only necessary for management.  So, once this is enabled, you only put in a single default route out of whatever interface you want to use for traffic sourced from the ACE (TFTP, FTP, etc).  Do realize though, that the MAC-sticky command is only valid for traffic originated from clients to the ACE.  If the ACE originates something it will use the default route.

Thanks,

Robby

0 Helpful

Go to solution
David Martinez Garcia
Level 1
Level 1
In response to r-garrison

‎10-04-2011 12:57 AM

Hi Robby

Thanks a .lot for your response!

I'll test on our lab. The only question is: in which vlan of the bridge must I apply the configuration, server or client side?

Thanks

Sent from Cisco Technical Support iPad App

0 Helpful

Go to solution
r-garrison
Level 1
Level 1
In response to r-garrison

‎10-05-2011 07:07 AM

David,

It should just be needed on the VLAN's facing the clients in a standard web-server load-balancing scenario (servers connected at layer-2 to the server-side of the ACE, on the same VLAN's as the ACE interfaces).  So put it on VLANs 10 and 30, and you should be good to go.

Thanks,

Robby

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents