[f-nsp] Centralized Load balancing via 802.1q?

Cliff Fogle Cliff at ofoto.com
Thu May 27 19:41:42 EDT 2004 

Yeah, those are the two gig ports on the XL which are
trunked/channeled/bonded together.

Also, check the 8 number.  I might be wrong.  There is some limitation
though, I just can't find the foundry doc that I read it in. 

-----Original Message-----
From: Matt Stockdale [mailto:mstockda at logicworks.net] 
Sent: Thursday, May 27, 2004 2:35 PM
To: Cliff Fogle
Cc: jeffrey.arnold; foundry-nsp at puck.nether.net
Subject: RE: [f-nsp] Centralized Load balancing via 802.1q?

Ah ha, This is exactly what I was looking for. 

Now, is there any special config on ethe 25,26? If you know cisco-speak,
are these the equivalent of an etherchannel pair?

Even with an 8 source IP limitation, that lets us reduce our XL's by a
factor of 8, since our main shared pair serves one class c currently,
and customers who need their own dedicated vlan/address space, or want
dedicated firewalls, they get their own pair of XL's.

Matt

On Thu, 2004-05-27 at 17:28, Cliff Fogle wrote:
> I do this using subnet vlans.  All virtuals are in the same subnet as 
> the reals.
> 
> Something along these lines:
> 
>  vlan 110 by port
>   tagged ethe 25 to 26
>   ip-subnet 192.168.4.0 255.255.255.0
>  !
>  vlan 111 by port
>   tagged ethe 25 to 26
>   ip-subnet 192.168.5.0 255.255.255.0
> 
> Making sure to give the serveriron all necessary source ip's:
> 
> (from global config mode)
> 
>  server source-ip 192.168.5.254 255.255.255.0 0.0.0.0
>  
> The source Ip is pretty much just to make sure that the keepalives get

> out on the right vlan.  The catch?:  You can only have 8 source ip's 
> on a single XL...
> 
> Here is what foundry has to say about it:
> http://www.foundrynet.com/services/documentation/sribcg/VLANs.html#160
> 34
> 
> -----Original Message-----
> From: foundry-nsp-bounces at puck.nether.net
> [mailto:foundry-nsp-bounces at puck.nether.net] On Behalf Of Matt 
> Stockdale
> Sent: Thursday, May 27, 2004 2:22 PM
> To: jeffrey.arnold
> Cc: foundry-nsp at puck.nether.net
> Subject: Re: [f-nsp] Centralized Load balancing via 802.1q?
> 
> Maybe I should have mentioned that the serveriron XL's have a single 
> ethernet connection to our core switch. We cannot use them as access 
> switches. We already do exclusively DSR, and this works fine for 
> balancing real servers on the same vlan and layer3 space as the XL.
> 
> Let me whip up a quick diagram of what we'd like to do (don't know how

> well it will render for you)
> 
>     ServerIron
>          |
>          |
>   (dot1q trunk)
>   (vlans 1-100)
>          |
>          |
>      Cat6500-----------------
>          |                         |
>          |                         |
>  (dot1q trunk)       (dot1q trunk)
>  (vlans 1-100)       (vlans 1-100)
>          |                         |
>          |                         |
>      Cat2950                Cat2950
>          |                         |
>          |                         |
>  (access port)          (access port)
>    (vlan 20)               (vlan 21)
>          |                         |
>          |                         |
>   Real Server A         Real Server B
> (192.168.20.101)      (102.168.21.101)
> 
> I'd like to be able to have the ServerIron create a VIP on vlan 20, 
> 192.168.20.100 for example, and balance across 192.168.20.10[1-x] I'd 
> also like to have the ServerIron create a VIP on vlan 21, 
> 192.168.21.100, and balance across 192.168.21.10[1-x] at the same
time.
> 
> Currently, if we have our XL configured on the 192.168.20.0/24 Space, 
> we can't balance anything on 192.168.21.0/24 without source-nat (at 
> least according to foundry support)
> 
> Does that help explain what I'm looking to do?
> 
> Matt
> 
> On Thu, 2004-05-27 at 17:02, jeffrey.arnold wrote:
> > On Thu, 27 May 2004, Matt Stockdale wrote:
> > 
> > :: dsr. I think the problem is that we have ServerIron XL's, which 
> > seem to
> > :: be 90% layer2, and thus lack the feature I'm looking for, which 
> > is
> > :: heavily layer 3.
> > :: 
> > 
> > both the XL's and chassis based boxes work fine. In a dsr config, 
> > you shouldn't need to do much more than define your router port(s) 
> > and tag
> 
> > up the correct vlans. The foundry will do some L2 magic to get the 
> > packets out with the correct vlan tags.
> > 
> > -jba
> > 
> > __
> >  [jba at analogue.net] :: analogue.networks.nyc :: http://analogue.net
> --
> -----------------------
>     Matt Stockdale
>   Sr Network Engineer
> mstockda at logicworks.net
> 
--
-----------------------
    Matt Stockdale
  Sr Network Engineer
mstockda at logicworks.net

More information about the foundry-nsp mailing list