Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
524
Views
0
Helpful
1
Replies

Need help with adding diff port numbers in css 11503

Go to solution
skkghello1
Level 1
Level 1

‎05-11-2011 11:23 AM

Hi ,

Below is my exisisting config of css 11503 --working all correctly on port== 9004.


service abc1--9004
  ip address 10.10.10.17
  protocol tcp
  port 9004
  redundant-index 33
  keepalive frequency 2
  keepalive maxfailure 2
  keepalive retryperiod 2
  keepalive port 9004
  keepalive type tcp
  active

service abc2--9004
  ip address 10.10.20.14
  protocol tcp
  port 9004
  redundant-index 36
  keepalive frequency 2
  keepalive maxfailure 2
  keepalive retryperiod 2
  keepalive port 9004
  keepalive type tcp
  active

=====================================================
content ab1-9004
    vip address 10.10.150.12
    port 9004
    protocol tcp
    redundant-index 53
    balance weightedrr
    advanced-balance sticky-srcip
    flow-timeout-multiplier 451
    add service abc1--9004 weight 10
    add service abc2--9004 weight 1
    active

  content ab2-9004
    vip address 10.10.150.13
    port 9004
    protocol tcp
    redundant-index 60
    balance weightedrr
    advanced-balance sticky-srcip
    flow-timeout-multiplier 451
    add service abc2--9004 weight 10
    add service abc1--9004 weight 1
    active

================================================


group nat-abc
  vip address 10.10.150.16
  redundant-index 54
  flow-timeout-multiplier 451
  add destination service abc1--9004
  add destination service abc2--9004
  active
_____________________________________________________________________________


Question:

I have to add another port number 9005 for the above config. New port==8004

Can you please check my new config :


Config t

when you enter
service abc1-8004
  ip address 10.10.10.17  -- i am using the same ips as above but diff port number--is it correct
  protocol tcp
  port 8004
  redundant-index 133----------------- can i use any  number which is not already used--- in the redundant-index
  keepalive frequency 2
  keepalive maxfailure 2
  keepalive retryperiod 2
  keepalive port 8004
  keepalive type tcp
  active

exit


service abc2-8004
  ip address 10.10.20.14
  protocol tcp
  port 8004
  redundant-index 136
  keepalive frequency 2
  keepalive maxfailure 2
  keepalive retryperiod 2
  keepalive port 8004
  keepalive type tcp
  active

exit

===============================================


content ab1-8004
    vip address 10.10.150.12 -- i am using the same ips as above but diff port number --is it correct
    port 8004
    protocol tcp
    redundant-index 153
    balance weightedrr
    advanced-balance sticky-srcip
    flow-timeout-multiplier 451
    add service abc1-8004 weight 10
    add service abc2-8004 weight 1
    active



content ab2-8004
    vip address 10.10.150.13
    protocol tcp
    port 8004
    redundant-index 160
    balance weightedrr
    advanced-balance sticky-srcip
    flow-timeout-multiplier 451
    add service abc2-8004 weight 10
    add service abc1-8004 weight 1
    active

===========================================================

Adding the service to the same group

group nat-abc
  vip address 10.10.150.16   --what does this vip do ? (snat)
  redundant-index 54
  flow-timeout-multiplier 451
  add destination service abc1--9004
  add destination service abc2--9004
  add destination service abc1-8004-----should i add them here
  add destination service abc2-8004-----should i add them here
  active


or  I have to creat a new group


group nat-abc2
  vip address 10.10.150.17 --with diff ip
  redundant-index 254
  flow-timeout-multiplier 451
  add destination service abc1-8004
  add destination service abc2-8004
  active

Thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Daniel Arrondo Ostiz
Cisco Employee
Cisco Employee

‎05-12-2011 03:51 AM

Hi Keo,

Let's go through your questions one by one:

  • It's fine to create a new content rule with the same IP but a different port. The same applies to the services
  • The redundant-index needs to be a unique number for each service. This number is just an identifier so it doesn't matter which one is used.
  • If you add all the services under one single source group, all connections will be natted to the same IP regardless of which content rule they hit. If you need this IP to be different, then you will have to create separate groups.

I hope this answers all your questions, but, please, do not hesitate to contact me again if you need further clarification.

Regards

Daniel

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Daniel Arrondo Ostiz
Cisco Employee
Cisco Employee

‎05-12-2011 03:51 AM

Hi Keo,

Let's go through your questions one by one:

  • It's fine to create a new content rule with the same IP but a different port. The same applies to the services
  • The redundant-index needs to be a unique number for each service. This number is just an identifier so it doesn't matter which one is used.
  • If you add all the services under one single source group, all connections will be natted to the same IP regardless of which content rule they hit. If you need this IP to be different, then you will have to create separate groups.

I hope this answers all your questions, but, please, do not hesitate to contact me again if you need further clarification.

Regards

Daniel

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card