[c-nsp] csm Bride Mode Simple scenario. Is it Possible?

Chris Riling criling at gmail.com
Wed Apr 9 09:57:29 EDT 2008 

I have several VIPs in different subnets than the reals, but he's right to
some extent, the static routing can be cumbersome. I inherited an
environment where IP space overlapped, and existed on both sides of the CSM,
and there were a bunch of more specific routes pointed toward the CSM client
VLAN. At least in times moving forward if they insist on have VIPs and reals
live on different subnets, I atleast now have a block of IPs pointed just
toward the CSM for this purpose and nothing else... I'm not sure how else
you would do it since the CSM VLAN interfaces don't become part of the IP
routing table, but then again I haven't played with that too much, since I
already inherited this mess... ;)

Chris


On 4/9/08, Brad Case <overkillxx at gmail.com> wrote:
>
> Hey Arie,
>
> I actually asked this same question to Cisco. The official response I got
> was this:
>
> Extract:
>
>
> This should work to some extent. However, for the large network I don't
> know
> how reliable you can run this system for sure.
>
> You are basically forcing static route in MSFC to forward traffic to the
> client vlan of the CSM. This is not something desirable way to do routing
> on
> the CSM. Especially bridge mode.
>
>
> There will "only" be 2 VIP's setup this way & never anymore. There will
> be many additional VIPs  that will be created using an VIP IP in the same
> address range as the real server addresses (Text book scenario).
> If the customer were to change the 2 VIP addresses it requires a massive
> amount of logistics to do so, hence the reason why I am considering doing
> it
> this way.
>
>
> I would really like to here what people have to say in relation to this
> response & if I should be concerned in doing it like this for just 2 VIP's
> only.
>
>
> Regards,
>
> Brad
>
>
>
>
>
> On Tue, Apr 8, 2008 at 5:59 PM, Arie Vayner (avayner) <avayner at cisco.com>
> wrote:
>
> > Brad,
> >
> > You should just make sure the virtual IP is routable on the MSFC. The
> > best way is to use the "advertise" command on the virtual server.
> >
> > Arie
> >
> > -----Original Message-----
> > From: cisco-nsp-bounces at puck.nether.net
> > [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Brad Case
> > Sent: Tuesday, April 08, 2008 02:27 AM
> > To: cisco-nsp at puck.nether.net
> > Subject: [c-nsp] csm Bride Mode Simple scenario. Is it Possible?
> >
> > Hi Guys,
> > I have a question that I simply cannot find an answer to on the Cisco
> > site in regards to the CSM in Bridge mode.
> > Is it possible to have the vserver (VIP) IP in a differnt subnet range
> > than the real IP addresses in the serverfarm that is bound to it?
> >
> > In other words, as an example a typical bridge configuration is like
> > this:
> >
> >
> >
> > vlan 221 client
> >  ip address 10.20.220.2 255.255.255.0
> >  gateway 10.20.220.1
> > !
> > vlan 220 server
> >  ip address 10.20.220.2 255.255.255.0
> > <<<<<<<<<<<<Two VLANs with the same IP address are bridged
> > together>>>>>>>>>>>>>>>>>.
> > serverfarm WEBFARM
> >  nat server
> >  no nat client
> >  real 10.20.220.10
> >  inservice
> >  real 10.20.220.20
> >  inservice
> > !
> > vserver WEB
> >  virtual 10.20.220.100 tcp www
> >  serverfarm WEBFARM
> >  persistent rebalance
> >  inservice
> >
> >
> >
> > Is it possible to do something like this:
> >
> > vlan 221 client
> >  ip address 10.20.220.2 255.255.255.0
> >  gateway 10.20.220.1
> > !
> > vlan 220 server
> >  ip address 10.20.220.2 255.255.255.0
> >  <<<<<<<<<<<<Two VLANs with the same IP address are bridged
> > together>>>>>>>>>>>>>>>>>.
> >
> > serverfarm WEBFARM
> >  nat server
> >  no nat client
> >  real 10.20.220.10
> >  inservice
> >  real 10.20.220.20
> >  inservice
> > !
> > vserver WEB
> >  virtual 50.40.220.99 tcp www   <<<<<<<<<<  Place the IP address in a
> > different subnet than the IP's in the serverfarm >>>>>>>>>>>>>>>
> > serverfarm WEBFARM  persistent rebalance  inservice
> >
> >
> > <<<<<<<<On the MSFC place a static route to route the 50.40.220.99
> > address towards the CSM IP on vlan 221>>>>>>>>>.
> >
> > ip route 50.40.220.99 255.255.255.255 10.20.220.2
> >
> >
> > Please if somebody knows if this is or is not possible it would be
> > highly appreciated to hear your feedback.
> >
> >
> > Regards,
> >
> > Brad
> >  _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> >
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

More information about the cisco-nsp mailing list