[f-nsp] Centralized Load balancing via 802.1q?
Matt Stockdale
mstockda at logicworks.net
Thu May 27 17:35:13 EDT 2004
Ah ha, This is exactly what I was looking for.
Now, is there any special config on ethe 25,26? If you know cisco-speak,
are these the equivalent of an etherchannel pair?
Even with an 8 source IP limitation, that lets us reduce our XL's by a
factor of 8, since our main shared pair serves one class c currently,
and customers who need their own dedicated vlan/address space, or want
dedicated firewalls, they get their own pair of XL's.
Matt
On Thu, 2004-05-27 at 17:28, Cliff Fogle wrote:
> I do this using subnet vlans. All virtuals are in the same subnet as
> the reals.
>
> Something along these lines:
>
> vlan 110 by port
> tagged ethe 25 to 26
> ip-subnet 192.168.4.0 255.255.255.0
> !
> vlan 111 by port
> tagged ethe 25 to 26
> ip-subnet 192.168.5.0 255.255.255.0
>
> Making sure to give the serveriron all necessary source ip's:
>
> (from global config mode)
>
> server source-ip 192.168.5.254 255.255.255.0 0.0.0.0
>
> The source Ip is pretty much just to make sure that the keepalives get
> out on the right vlan. The catch?: You can only have 8 source ip's on
> a single XL...
>
> Here is what foundry has to say about it:
> http://www.foundrynet.com/services/documentation/sribcg/VLANs.html#16034
>
> -----Original Message-----
> From: foundry-nsp-bounces at puck.nether.net
> [mailto:foundry-nsp-bounces at puck.nether.net] On Behalf Of Matt Stockdale
> Sent: Thursday, May 27, 2004 2:22 PM
> To: jeffrey.arnold
> Cc: foundry-nsp at puck.nether.net
> Subject: Re: [f-nsp] Centralized Load balancing via 802.1q?
>
> Maybe I should have mentioned that the serveriron XL's have a single
> ethernet connection to our core switch. We cannot use them as access
> switches. We already do exclusively DSR, and this works fine for
> balancing real servers on the same vlan and layer3 space as the XL.
>
> Let me whip up a quick diagram of what we'd like to do (don't know how
> well it will render for you)
>
> ServerIron
> |
> |
> (dot1q trunk)
> (vlans 1-100)
> |
> |
> Cat6500-----------------
> | |
> | |
> (dot1q trunk) (dot1q trunk)
> (vlans 1-100) (vlans 1-100)
> | |
> | |
> Cat2950 Cat2950
> | |
> | |
> (access port) (access port)
> (vlan 20) (vlan 21)
> | |
> | |
> Real Server A Real Server B
> (192.168.20.101) (102.168.21.101)
>
> I'd like to be able to have the ServerIron create a VIP on vlan 20,
> 192.168.20.100 for example, and balance across 192.168.20.10[1-x] I'd
> also like to have the ServerIron create a VIP on vlan 21,
> 192.168.21.100, and balance across 192.168.21.10[1-x] at the same time.
>
> Currently, if we have our XL configured on the 192.168.20.0/24 Space, we
> can't balance anything on 192.168.21.0/24 without source-nat (at least
> according to foundry support)
>
> Does that help explain what I'm looking to do?
>
> Matt
>
> On Thu, 2004-05-27 at 17:02, jeffrey.arnold wrote:
> > On Thu, 27 May 2004, Matt Stockdale wrote:
> >
> > :: dsr. I think the problem is that we have ServerIron XL's, which
> > seem to
> > :: be 90% layer2, and thus lack the feature I'm looking for, which is
> > :: heavily layer 3.
> > ::
> >
> > both the XL's and chassis based boxes work fine. In a dsr config, you
> > shouldn't need to do much more than define your router port(s) and tag
>
> > up the correct vlans. The foundry will do some L2 magic to get the
> > packets out with the correct vlan tags.
> >
> > -jba
> >
> > __
> > [jba at analogue.net] :: analogue.networks.nyc :: http://analogue.net
> --
> -----------------------
> Matt Stockdale
> Sr Network Engineer
> mstockda at logicworks.net
>
--
-----------------------
Matt Stockdale
Sr Network Engineer
mstockda at logicworks.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <https://puck.nether.net/pipermail/foundry-nsp/attachments/20040527/5ea0cf5c/attachment.sig>
More information about the foundry-nsp
mailing list