09-25-2007 12:25 AM
Hi,
Can some one help me with a sample configuration for ACE20?
Rgds....Partha Acharya
09-25-2007 03:50 AM
here is a copy of my lab config.
switch/User1# sho run
Generating configuration....
logging enable
logging buffered 7
access-list PERMIT_ANY line 10 extended permit ip any any
access-list app line 10 extended permit ip host 192.168.20.41 any
probe http ACECFG-http
interval 5
faildetect 2
passdetect interval 10
request method get url /index.html
expect status 200 299
probe ftp ftp_probe
interval 10
passdetect interval 10
expect status 0 999
open 5
parameter-map type connection REPL
parameter-map type connection TCP
rserver host 20.20.20.20
ip address 20.20.20.20
inservice
rserver host REFLECTOR-10
ip address 192.168.60.10
inservice
rserver host REFLECTOR-11
ip address 192.168.60.11
inservice
rserver host REFLECTOR-12
ip address 192.168.60.12
inservice
rserver host REFLECTOR-13
ip address 192.168.60.13
inservice
rserver host REFLECTOR-14
ip address 192.168.60.14
inservice
rserver host REFLECTOR-15
ip address 192.168.60.15
inservice
rserver host linux1-48
ip address 192.168.30.48
rserver host linux2
ip address 192.168.20.41
inservice
serverfarm host 20.20.20.20
rserver 20.20.20.20
inservice
serverfarm host REFLECTOR
predictor leastconns
rserver REFLECTOR-10
weight 1
inservice
rserver REFLECTOR-11
weight 1
inservice
rserver REFLECTOR-12
weight 1
inservice
rserver REFLECTOR-13
weight 1
inservice
rserver REFLECTOR-14
weight 1
inservice
rserver REFLECTOR-15
weight 1
inservice
rserver linux1-48
inservice
serverfarm host linux2
failaction purge
probe ACECFG-http
rserver linux2
inservice
serverfarm host linux2-ftp
probe ftp_probe
rserver linux2 21
inservice
sticky ip-netmask 255.255.255.255 address source STICKY-REFLECTOR
replicate sticky
serverfarm REFLECTOR
class-map match-all NAT
2 match access-list app
class-map type http loadbalance match-all URL
2 match http url .*
class-map match-all VIP-250-80
2 match virtual-address 192.168.100.250 tcp eq www
class-map match-all VIP-250-ftp
2 match virtual-address 192.168.100.250 tcp eq ftp
class-map match-any VIP-REFLECTOR-254
2 match virtual-address 192.168.100.254 tcp eq www
policy-map type management first-match ALLOW
class class-default
permit
policy-map type loadbalance first-match 20.20.20.20
class class-default
serverfarm 20.20.20.20
policy-map type loadbalance first-match LB_linux2
class class-default
serverfarm linux2
policy-map type loadbalance first-match REFLECTOR
class class-default
sticky-serverfarm STICKY-REFLECTOR
policy-map type loadbalance first-match ftp-linux2
class class-default
serverfarm linux2-ftp
policy-map multi-match NAT1
class NAT
nat dynamic 1 vlan 100
policy-map multi-match SLB-REFLECTOR
class VIP-REFLECTOR-254
loadbalance vip inservice
loadbalance policy REFLECTOR
loadbalance vip icmp-reply
policy-map multi-match SLB1
class VIP-250-80
loadbalance vip inservice
loadbalance policy 20.20.20.20
loadbalance vip icmp-reply
class VIP-250-ftp
loadbalance vip inservice
loadbalance policy ftp-linux2
loadbalance vip icmp-reply
inspect ftp
service-policy input ALLOW
interface vlan 20
ip address 192.168.20.253 255.255.255.0
mac-sticky enable
access-group input PERMIT_ANY
service-policy input SLB1
no shutdown
interface vlan 100
ip address 192.168.100.2 255.255.255.0
alias 192.168.100.1 255.255.255.0
peer ip address 192.168.100.3 255.255.255.0
access-group input PERMIT_ANY
nat-pool 1 192.168.100.240 192.168.100.245 netmask 255.255.255.0
no shutdown
ip route 0.0.0.0 0.0.0.0 192.168.100.9
ip route 192.168.100.4 255.255.255.255 192.168.100.9
ip route 171.69.146.79 255.255.255.255 192.168.20.41
ip route 192.168.30.0 255.255.255.0 192.168.20.37
ip route 20.20.20.20 255.255.255.255 192.168.20.41
09-25-2007 03:54 AM
Thanks a lot for ur help.
I have some doubts. Can u please claify...
1. mac-sticky enable---> what does this mean?
2. Is it required to reate pbr for every application?
3. Whether ACE works the way that a CSS does?
4. What does probe ftp_probe means?
rgds...
09-25-2007 04:02 AM
I would suggest to do a minimum of reading :-)
ACE configuration is totally different from any other Cisco loadbalancer and its configuration requires the use of policy and class-map.
ftp_probe is the name of the probe.
Again a minimum of reading is required if you want to configure ACE.
Thanks,
Gilles.
02-01-2011 04:01 AM
Hi gilles,
Please see below for customer requirement and please advise on which of the products will be appropriate.
Specification:
· Estimated 300 concurrent application users
· 2 application servers seating behind the load balancer, with possibility of additional servers
· No SPOF on load balancer
· Based on cisco offering.
Which of the below will be appropriate considering the above?
- ACE20-MOD-K9
OR
- ACE4710-1F-K9
br
Sam
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide