I'm trying to setup IOS SLB in directed mode on a Cat6506. We are currently using IOS SLB is dispatched mode for other services. Below is the relevent config. Please note there is no L3 interface on the 6506 for the Virtual Servers network (10.0.131.160). The gateway is an ASA which has L2 connectivity to the 6506. Also to note that the Server Farm network is within its own VRF.
ip slb serverfarm ADOBE-CONNECT
ip slb vserver ADOBE-TCP443
virtual 10.0.131.160 tcp https
ip slb vserver ADOBE-TCP80
virtual 10.0.131.160 tcp www
What happens is essentially nothing as you can see below 0 connections have occured, and 0 syns. "debug ip slb all" shows absolutely nothing in regards to this VServer.
ADOBE-TCP80, state = OPERATIONAL, v_index = 19, interface(s) = <any>
virtual = 10.0.131.160/32:80, TCP, service = NONE, advertise = TRUE
server farm = ADOBE-CONNECT, delay = 10, idle = 600
conns = 0, total conns = 23, syns = 0, syn drops = 0
standby group = None
However on the 6506 when I do a SPAN on the trunk interface between the 6506 and the ASA I can see the packet TCP SYNs arriving at the 6506. Where ever they go from there..... I have no clue. This SPAN/packet capture also shows the ARP requests from the ASA for the virtual IP address, however there is never a response.
Interface Gi1/21 is a trunk interface on the c6506 and faces the ASA. It trunks VLAN 131 which is the DMZ network. The vserver IP address 10.0.131.160 is within this DMZ network.
The "real" server is on a VMware box and utilizes port Gi2/19 this is also a trunk port which contains VLAN 130. The c6506 has a layer 3 interface for this VLAN, VLAN130. This interface is in the "app" VRF with an IP address of 10.0.130.252, eventually it will be running HSRP with a virtual address of 10.0.130.254.
I have tried taking out all of the access commands. Nothing changes from what I can see.
I hope I have answered your questions. Your help is greatly appreciated.
After my first publication of the book OSPF Demystified With RFC in 2014 which goes beyond the CCIE level which explores OSPF from the RFC's perspective. Since one year I had the idea : why not write a book for CCIE Enterprise and Infrastructure to be an ...
Do you use Cisco DNA Center? Have you used and are you willing to provide your feedback in using the Cisco DNA Center help and documentation?
If so, we’d like you to complete the survey linked below. Your feedback will help provide more effective and easi...
Listen: https://smarturl.it/CCRS9E18Follow us: https://twitter.com/CiscoChampion Reaching the height of your career is no simple feat. It often requires a combination of pursuing the right education, building the right professional network and being ...