[c-nsp] SLB Question

Wed Jul 11 12:47:39 EDT 2007

If you are looking at a very small scale SLB solution, why not just use
IP SLB directly on the MSFC?
It can handle quite a few sessions/pps, and if you feel overload, you
can upgrade to Sup720-3B, which has HW acceleration for IP SLB.

If you stop using destination NAT, it would be the perfect solution for
you.

If you need some assistance with configs, unicast me. Here is the link
for the IP SLB docs:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft
/122limit/122sx/122sxf18/slbsxf1.htm

Arie

-----Original Message-----
From: Paul Stewart [mailto:paul at paulstewart.org] 
Sent: Wednesday, July 11, 2007 19:41 PM
To: Arie Vayner (avayner); 'Robert Blayzor'
Cc: cisco-nsp at puck.nether.net
Subject: RE: [c-nsp] SLB Question

Thanks Arie... a quick look at the pricing makes this option prohibitive
...
nice option though...;)  If this was for a large scale rollout then the
ACE would be ideal....

This is pretty much just for two servers which are mirrored/redundant to
one another - looks like doing it on the server level is going to be
best option or go with something like Barracuda's load balancer
appliance (can get a pair of them redundant for under $10k) but we like
to standardize on Cisco as much as possible...

Thanks Arie and everyone for your input as usual....

Paul

-----Original Message-----
From: Arie Vayner (avayner) [mailto:avayner at cisco.com]
Sent: Wednesday, July 11, 2007 12:30 PM
To: Robert Blayzor; Paul Stewart
Cc: cisco-nsp at puck.nether.net
Subject: RE: [c-nsp] SLB Question

Paul,

I recommend that you look at the ACE module. It's the latest and
greatest HW based SLB solution (a blade on the 6500):
http://www.cisco.com/en/US/products/ps6906/index.html

If you really need to be able to provide access to the VIP from the same
L2 domain where the real servers are located, I would recommend moving
to dispatched mode.
Just disable "nat server", and configure the VIP as a loopback interface
on the real servers (easily done on any OS). This would allow the
servers to use the VIP as a source, so both remote and local clients
would be able to access the VIP on the SLB instance, but the return
traffic would not require a translation back...

Arie

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Robert Blayzor
Sent: Wednesday, July 11, 2007 19:02 PM
To: Paul Stewart
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] SLB Question

Paul Stewart wrote:
> So, what's a good hardware solution (bearing in mind that we can still

> do this in software on the servers)??  Cisco used to make load 
> balancing hardware at one time but I don't think they are involved 
> with that any longer??  Open to hardware suggestions.. preferably 
> something that works transparently as a bridge and can work as a pair 
> of hardware devices for fault tolerance within the hardware?

Cisco still makes some of the CSS line, but not sure that fits the bill.

  I'd actually take a look at the Foundry ServerIrons.  If you want a
good laugh, the Foundry ServerIrons are  more IOS like than Cisco's own
CSS's.
;-)  The ServerIrons are solid and are quite reasonably priced...

vs what's left in the CSS line.  (I believe the CSS 11501's are EoSale).

-Robert

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/