[c-nsp] Ace Module Troubleshooting
Teller, Robert
RTeller at deltadentalwa.com
Thu Aug 7 13:54:27 EDT 2008
So i have a wierd issue going on with my ACE module. I am sure it is a
configuration issue but since i am making it up as i go i can only do so
much.
I am able to browse to a load balanced website from one computer but if
i try to browse to it from another computer the website is unavailable.
the website is under the dp-qa domain.
------------------------------------------------------------------------
---------------
logging console 6
logging timestamp
access-list any line 8 extended permit icmp any any
access-list any line 16 extended permit ip any any
probe tcp TCP-5002_PROBE
port 5002
interval 3
passdetect interval 3
probe tcp TCP-8003_PROBE
port 8003
interval 3
passdetect interval 3
probe http TCP-80_PROBE
interval 5
passdetect interval 5
expect status 200 200
hash
connection term forced
probe tcp TCP-9090_PROBE
port 9090
interval 5
connection term forced
probe http ciscotest_PROBE
interval 5
passdetect interval 5
request method get url /ciscotest/
expect status 200 200
hash
connection term forced
rserver host dm-qa-app25
ip address 172.22.237.23
inservice
rserver host dm-qa-app26
ip address 172.22.237.25
inservice
rserver host dm-qa-web21
ip address 172.22.237.19
inservice
rserver host dm-qa-web22
ip address 172.22.237.21
inservice
rserver host dp-qa-app85
ip address 172.22.237.24
inservice
rserver host dp-qa-app86
ip address 172.22.237.26
inservice
rserver host dp-qa-web81
ip address 172.22.237.20
inservice
rserver host dp-qa-web82
ip address 172.22.237.22
inservice
rserver host recluse1
ip address 172.22.228.88
inservice
rserver host recluse2
ip address 172.22.228.89
inservice
serverfarm host dm-qa-app
probe TCP-80_PROBE
rserver dm-qa-app25
inservice
rserver dm-qa-app26
inservice
serverfarm host dm-qa-ivr
probe TCP-5002_PROBE
rserver dm-qa-web21
inservice
rserver dm-qa-web22
inservice
serverfarm host dm-qa-socket
probe TCP-8003_PROBE
rserver dm-qa-app25
inservice
rserver dm-qa-app26
inservice
serverfarm host dm-qa-web
probe ciscotest_PROBE
rserver dm-qa-web21
inservice
rserver dm-qa-web22
inservice
serverfarm host dp-qa-app
probe TCP-80_PROBE
rserver dp-qa-app85
inservice
rserver dp-qa-app86
inservice
serverfarm host dp-qa-ivr
probe TCP-5002_PROBE
rserver dp-qa-web81
inservice
rserver dp-qa-web82
inservice
serverfarm host dp-qa-socket
probe TCP-8003_PROBE
rserver dp-qa-app85
inservice
rserver dp-qa-app86
inservice
serverfarm host dp-qa-web
probe ciscotest_PROBE
rserver dp-qa-web81
inservice
rserver dp-qa-web82
inservice
serverfarm host recluse
predictor leastconns
probe TCP-9090_PROBE
rserver recluse1
inservice
rserver recluse2
inservice
class-map type management match-any REMOTE_ACCESS
2 match protocol ssh any
3 match protocol telnet any
4 match protocol icmp any
5 match protocol snmp any
6 match protocol http any
7 match protocol https any
class-map match-all dm-qa-app_CLASS
2 match virtual-address XXX.XXX.XXX.136 tcp eq www
class-map match-all dm-qa-ivr_CLASS
2 match virtual-address XXX.XXX.XXX.138 tcp eq 5002
class-map match-all dm-qa-socket_CLASS
2 match virtual-address XXX.XXX.XXX.139 tcp eq 8003
class-map match-all dm-qa-web_CLASS
2 match virtual-address XXX.XXX.XXX.137 tcp eq www
class-map match-all dp-qa-app_CLASS
2 match virtual-address XXX.XXX.XXX.140 tcp eq www
class-map match-all dp-qa-ivr_CLASS
2 match virtual-address XXX.XXX.XXX.142 tcp eq 5002
class-map match-all dp-qa-socket_CLASS
2 match virtual-address XXX.XXX.XXX.143 tcp eq 8003
class-map match-all dp-qa-web_CLASS
2 match virtual-address XXX.XXX.XXX.141 tcp eq www
class-map match-any recluse_CLASS
2 match virtual-address XXX.XXX.XXX.134 tcp eq 9090
3 match virtual-address XXX.XXX.XXX.134 tcp eq 10000
policy-map type management first-match REMOTE_MGMT_ALLOW_POLICY
class REMOTE_ACCESS
permit
policy-map type loadbalance first-match dm-qa-app_POLICY
class class-default
serverfarm dm-qa-app
policy-map type loadbalance first-match dm-qa-ivr_POLICY
class class-default
serverfarm dm-qa-ivr
policy-map type loadbalance first-match dm-qa-socket_POLICY
class class-default
serverfarm dm-qa-socket
policy-map type loadbalance first-match dm-qa-web_POLICY
class class-default
serverfarm dm-qa-web
policy-map type loadbalance first-match dp-qa-app_POLICY
class class-default
serverfarm dp-qa-app
policy-map type loadbalance first-match dp-qa-ivr_POLICY
class class-default
serverfarm dp-qa-ivr
policy-map type loadbalance first-match dp-qa-socket_POLICY
class class-default
serverfarm dp-qa-socket
policy-map type loadbalance first-match dp-qa-web_POLICY
class class-default
serverfarm dp-qa-web
policy-map type loadbalance first-match recluse_POLICY
class class-default
serverfarm recluse
policy-map multi-match POLICY
class recluse_CLASS
loadbalance vip inservice
loadbalance policy recluse_POLICY
loadbalance vip icmp-reply active
nat dynamic 134 vlan 238
class dm-qa-app_CLASS
loadbalance vip inservice
loadbalance policy dm-qa-app_POLICY
loadbalance vip icmp-reply active
nat dynamic 136 vlan 238
class dm-qa-web_CLASS
loadbalance vip inservice
loadbalance policy dm-qa-web_POLICY
loadbalance vip icmp-reply active
nat dynamic 137 vlan 238
class dm-qa-ivr_CLASS
loadbalance vip inservice
loadbalance policy dm-qa-ivr_POLICY
loadbalance vip icmp-reply active
nat dynamic 138 vlan 238
class dm-qa-socket_CLASS
loadbalance vip inservice
loadbalance policy dm-qa-socket_POLICY
loadbalance vip icmp-reply active
nat dynamic 139 vlan 238
class dp-qa-app_CLASS
loadbalance vip inservice
loadbalance policy dp-qa-app_POLICY
loadbalance vip icmp-reply active
nat dynamic 140 vlan 238
class dp-qa-web_CLASS
loadbalance vip inservice
loadbalance policy dp-qa-web_POLICY
loadbalance vip icmp-reply active
nat dynamic 141 vlan 238
class dp-qa-ivr_CLASS
loadbalance vip inservice
loadbalance policy dp-qa-ivr_POLICY
loadbalance vip icmp-reply active
nat dynamic 142 vlan 238
class dp-qa-socket_CLASS
loadbalance vip inservice
loadbalance policy dp-qa-socket_POLICY
loadbalance vip icmp-reply active
nat dynamic 143 vlan 238
interface vlan 238
ip address XXX.XXX.XXX.253 255.255.255.128
alias XXX.XXX.XXX.252 255.255.255.128
peer ip address XXX.XXX.XXX.254 255.255.255.128
access-group input any
nat-pool 134 XXX.XXX.XXX.134 XXX.XXX.XXX.134 netmask 255.255.255.255
nat-pool 136 XXX.XXX.XXX.136 XXX.XXX.XXX.136 netmask 255.255.255.255
nat-pool 137 XXX.XXX.XXX.137 XXX.XXX.XXX.137 netmask 255.255.255.255
nat-pool 138 XXX.XXX.XXX.138 XXX.XXX.XXX.138 netmask 255.255.255.255
nat-pool 139 XXX.XXX.XXX.139 XXX.XXX.XXX.139 netmask 255.255.255.255
nat-pool 140 XXX.XXX.XXX.140 XXX.XXX.XXX.140 netmask 255.255.255.255
nat-pool 141 XXX.XXX.XXX.141 XXX.XXX.XXX.141 netmask 255.255.255.255
nat-pool 142 XXX.XXX.XXX.142 XXX.XXX.XXX.142 netmask 255.255.255.255
nat-pool 143 XXX.XXX.XXX.143 XXX.XXX.XXX.143 netmask 255.255.255.255
service-policy input POLICY
service-policy input REMOTE_MGMT_ALLOW_POLICY
no shutdown
domain dm-qa
add-object serverfarm dm-qa-app
add-object serverfarm dm-qa-ivr
add-object serverfarm dm-qa-socket
add-object serverfarm dm-qa-web
add-object rserver dm-qa-app25
add-object rserver dm-qa-app26
add-object rserver dm-qa-web21
add-object rserver dm-qa-web22
domain recluse
add-object serverfarm recluse
add-object rserver recluse1
add-object rserver recluse2
domain dp-qa
add-object serverfarm dp-qa-app
add-object serverfarm dp-qa-ivr
add-object serverfarm dp-qa-socket
add-object serverfarm dp-qa-web
add-object rserver dp-qa-app85
add-object rserver dp-qa-app86
add-object rserver dp-qa-web81
add-object rserver dp-qa-web82
ip route 0.0.0.0 0.0.0.0 XXX.XXX.XXX.129
Robert Teller
Washington Dental Service
Network Administrator
(206) 528-2371
RTeller at DeltaDentalWa.com <mailto:RTeller at DeltaDentalWa.com>
#########################################################
The information contained in this e-mail and subsequent attachments may be privileged,
confidential and protected from disclosure. This transmission is intended for the sole
use of the individual and entity to whom it is addressed. If you are not the intended
recipient, any dissemination, distribution or copying is strictly prohibited. If you
think that you have received this message in error, please e-mail the sender at the above
e-mail address.
#########################################################
More information about the cisco-nsp
mailing list