Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
828
Views
3
Helpful
6
Replies

Port ranges on CSS

paul.matthews
Level 5
Level 5

‎06-29-2004 03:14 AM

Is there an easy way to have a content rule listen on a range of selcted ports rather than all open or just one?

Labels:
0 Helpful
6 Replies 6

robin.pimentel
Level 1
Level 1

‎06-29-2004 09:50 AM

Paul,

I just want to shoot out an idea to you. I haven't tried this out myself, so my apologies if I'm way off here. Is there a reason why you couldn't define a service for each port on the same host? So lets say you wanted http and dns:

service serv1-http

port 80

ip 192.168.1.1

service serv1-dns

port 53 (UDP or TCP depending on DNS function)

ip 192.168.1.1

then add the two services to a single content rule (VIP). Just an idea. Let me know what you come up with, since your question was pretty interesting.

0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to robin.pimentel

‎07-05-2004 12:17 AM

Robin,

sorry to say this but your solution is totally wrong.

If you have 2 services defined with a different port and assigned to the same content rule, the CSS will one time nat to port1 and one time to port2.

For example, you get a connection on port 80, the CSS could loadbalance the request to serv1-dns since it is configured under the content rule and the CSS will forward the request to port 53 -> see the problem.

There is no solution to Paul's request unless we get more info about the end goal so we can find a different approach.

Regards,

Gilles.

0 Helpful

robin.pimentel
Level 1
Level 1
In response to Gilles Dufour

‎07-06-2004 09:01 AM

Gilles,

good catch. I was obviously out of my mind on that one. I think I can safely say that I lost my perspective (big picture) on that one. I was thinking of a load balance algorithm in my mind that doesn't exist in real life. Too much brainstorming. Obviously, a content rule will just load balance between services in the same rule. My sincere appologies to Paul.

0 Helpful

paul.matthews
Level 5
Level 5
In response to robin.pimentel

‎07-06-2004 11:03 AM

No problem - sometimes off the wall stuff works...

0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee

‎07-05-2004 12:14 AM

no solution.

You can have a layer 3 rule that will accept all ports and then use an acl to limit what ports you want to be accessible.

Regards,

Gilles.

paul.matthews
Level 5
Level 5
In response to Gilles Dufour

‎07-05-2004 12:19 AM

Thanks. I have a feeling that is the way I will have to go to do it. It would be useful to have a range facility for ports though.

Paul.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card