Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1094
Views
0
Helpful
4
Replies

Technical Questions for ACE20-MOD-K9

Juan Ibañez
Level 1
Level 1

‎11-18-2013 11:56 AM

The ACE20-MOD-K9 have the functionality to do translations for ports, that is, for example, that a request received on port 443 is sent to the server on port 8443,and what would be the impact to the current context NAT configurations?

There is functionality to accommodate digital certificates balancers and not on the servers? and resource impact of this?

At this moment we work with persistence on a class C subnet mask, what would be the impact of CPU and memory if we apply the persistence on a host mask?

Have any impact on resources create a persistence settings for cookies?

Labels:
0 Helpful
4 Replies 4

Kanwaljeet Singh
Cisco Employee
Cisco Employee

‎11-18-2013 12:23 PM

Hi Juan,

I didn't get your first question.

Even if there is no NAT configured, if you configure rserver with port under serverfarm, when your request is received on VIP, ACE will forward the request back to rserver on port which have you specified in serverfarm. It has nothing to do with NAT. May be you can elaborate your question a bit.

SSL termination will take the load off of servers so that ACE does the SSL handshake and takes care of encryption and decryption processes. It has its impact on performance but depends upon the usage and capacity. I would recommend going through the performance guide for the same and it holds true for your other questions as well.

It depends how much ACE is already being used and how much you are planning to add. This is something you should plan and read ACE capacity/performance specifications and configure accordingly. I cannot give you any concrete numbers. You can check data sheets and other guides.

Regards,

Kanwal

0 Helpful

Kanwaljeet Singh
Cisco Employee
Cisco Employee
In response to Kanwaljeet Singh

‎11-18-2013 12:31 PM

Hi Juan,

I think below link would be helpful for you too.

http://docwiki.cisco.com/wiki/Cisco_Application_Control_Engine_(ACE)_Troubleshooting_Guide_--_Managing_Resources

Regards,

Kanwal

0 Helpful

Juan Ibañez
Level 1
Level 1
In response to Kanwaljeet Singh

‎11-20-2013 12:06 PM

Hi Kanwal

What if to add persistence on a host whose address is contained in a persistence on a segment?

I add the settings that I have as an example:

Context Admin

resource-class STICK1

  limit-resource all minimum 0.00 maximum unlimited

  limit-resource sticky minimum 5.00 maximum equal-to-min

context RED-99

  description !!Red de Servicios 146.155.80.0/24

  allocate-interface vlan 99

  allocate-interface vlan 412

  member STICK1

Context ACE

sticky ip-netmask 255.255.255.0 address both STK_PORTAL_HTTP

  replicate sticky

  serverfarm PORTAL_HTTP

policy-map type loadbalance first-match PORTAL_HTTP

class class-default

     sticky-serverfarm STK_PORTAL_HTTP

class-map match-all L4_VIP_PORTAL_HTTP

   2 match virtual-address 146.155.80.150 tcp eq www

Regards,

Juan

0 Helpful

Kanwaljeet Singh
Cisco Employee
Cisco Employee
In response to Juan Ibañez

‎11-20-2013 12:52 PM

Hi Juan,

If you configure a network mask other than 255.255.255.255 (/32), the ACE module may populate the sticky entries only on one of its four/two network processors which may reduce the number of available sticky entries by 25/50 percent. This reduction in resources may cause problems when heavy sticky use occurs on the ACE module.

So it is better to use to 255.255.255.255. as the mask for optimal performance.

Regards,

Kanwal

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card