10-20-2010 11:25 AM
Hoping someone can point me in right direction to config guide etc..
Essentially I have 2 Exchange servers on vlan 10.
I want to use the 4710 to sit in front of them and load balance between the 2 servers.
The 4710 and the 2 servers are on the same vlan.
I have configured a VIP, the 2 real servers and the the server farm. Everything appears to be inservice.
Any help would be appreciated.
Cheers
Dave
Solved! Go to Solution.
10-20-2010 12:57 PM
Hi Dave,
If you have a one-armed design then you require Source NAT to get things working
policy-map type loadbalance http first-match Exchange-PM
class class-default
serverfarm Exchange
policy-map multi-match LB
class Exchange-VIP
loadbalance vip inservice
loadbalance policy Exchange-PM
loadbalance vip icmp-reply active
nat dynamic 1 vlan 10
interface vlan 10
ip address 10.10.10.2 255.255.255.0
access-group input Any
nat-pool 1 10.10.10.10 10.10.10.10 netmask 255.255.255.0 pat
service-policy input MGMT
service-policy input LB
no shutdown
You can use the VIP address or any other available IP address no NAT the request.
HTH
__ __
Pablo
10-20-2010 12:57 PM
Hi Dave,
If you have a one-armed design then you require Source NAT to get things working
policy-map type loadbalance http first-match Exchange-PM
class class-default
serverfarm Exchange
policy-map multi-match LB
class Exchange-VIP
loadbalance vip inservice
loadbalance policy Exchange-PM
loadbalance vip icmp-reply active
nat dynamic 1 vlan 10
interface vlan 10
ip address 10.10.10.2 255.255.255.0
access-group input Any
nat-pool 1 10.10.10.10 10.10.10.10 netmask 255.255.255.0 pat
service-policy input MGMT
service-policy input LB
no shutdown
You can use the VIP address or any other available IP address no NAT the request.
HTH
__ __
Pablo
10-21-2010 06:38 AM
Thanks for the reply and I understand the need for source nating...but was hoping someone could provide me a sample
walk thru of a 1 armed scenario ?
Cheers
Dave
10-21-2010 06:44 AM
Morning Dave,
Gotcha, you're looking for something like this
I've attached a configuration chapter that walks you through the one-arm mode configuration and all its requirements.
HTH
__ __
Pablo
10-21-2010 07:15 AM
Thanks Pablo
I noticed its for the ACE module, does this config also work for the stand alone 4710 appliance ?
From a best practice perspective, is it best to put the ACE VIP on a seperate routed VLAN ?
I notice the network diagram has the ACE on VLAN 50 and the servers on VLAN 51 with the MSFC routing between the 2.
Or can I have both the ACE physical and VIP on the same subnet as my server farm ?
Cheers
Dave
10-21-2010 08:24 AM
Dave,
Yup the configuration lines on the module and the appliance are indentical, I think more of the docs are module oriented because of the sell numbers
From a best practice perspective, is it best to put the ACE VIP on a seperate routed VLAN ?
Not really the design that you want to implement depends on what's already setup on your environment, regardless of the mode that you want to go with Bridged/One-Armed/Routed you can expect same load balancing performance, for example clients would not go with One-Armed mode if they need to avoid client NAT for auditing purposes or something.
I notice the network diagram has the ACE on VLAN 50 and the servers on VLAN 51 with the MSFC routing between the 2./Or can I have both the ACE physical and VIP on the same subnet as my server farm ?
That's a Cisco's different (weird) sketch for a one-armed design, the diagram that commonly you see is like this
http://img526.imageshack.us/i/onearmed.jpg/
Absolutely you can have ACE/VIP/Servers on the same VLAN as long as source NAT is in place LB should work flawlessly =)
HTH
__ __
Pablo
10-21-2010 12:11 PM
Thanks Pablo, your help is much appreciated
So far I have gotten the load balancer working with 2 servers
in a server farm.
Cheers
Dave
10-21-2010 06:49 PM
Sweeeet! Great to hear the info was useful to get things on the right track
Have a nice one!
__ __
Pablo
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide