[f-nsp] Serveriron VLAN question
Jeff
fnsp at hvnc.net
Sat Apr 5 15:13:12 EDT 2008
Hello,
We're currently experimenting with a SI 4G as a replacement for another
vendor's SLB box.
The unit I have does not have a PREM license.
I believe the configuration is fairly simple. The 4 ports on the SI are
split into 2 LACP groups. One LACP group goes to our L3 switch handling
routing for the server farm, the other LACP group connects to an L2
switch which serves a VMware cluster where the servers are located. The
links are tagged, with several VLANs passing traffic through the SI to
the server farm.
We have been able to successfully configure SLB for serveral servers
located on the same VLAN as the management interface of the SI.
My problem/question is that if the SI's management interface is on the
VLAN tagged 80, how can I have it also do SLB for hosts on (say) VLAN 7?
I can see how that would be done with the PREM license by using the SI
as a L3 router, but is there a way to accomplish this without
configuring the SI as a router? The docs are kind of sparse in that area
and I don't see any way to tell the SI what VLAN a particular server
(real or virtual) is on, which makes me think that it's not possible,
but I'm hoping I'm incorrect..
I'd also like to avoid source nat, if I can help it.
Thanks..
Here's a snip of the current config on the box in our lab, if it helps.
vlan 80 carries 10.1.163.224/27
vlan 7 carries 10.1.163.64/27
vlan 80 has the management interface for the SI
ver 10.2.01TI2
!
server force-delete
server reassign-threshold 200
no server no-reassign-count
server l7-dont-use-gateway-mac
server source-ip 10.1.163.253 255.255.255.224 10.1.163.225
server router-ports ethernet 1
server router-ports ethernet 2
!
context default
!
server real wc4 10.1.163.230
port http
port http url "HEAD /"
!
server real wc5 10.1.163.231
port http
port http url "HEAD /"
!
server real ns1a 10.1.163.67
source-nat
source-ip 10.1.163.253
port dns
port dns l4-check-only
!
server real ns1b 10.1.163.68
port dns
!
!
server virtual testwww 10.1.163.252
port http
bind http wc4 http wc5 http
!
server virtual testdns 10.1.163.70
predictor response-time
port dns
bind dns ns1a dns ns1b dns
!
source-ip-debug
source-ip-log
vlan 1 name DEFAULT-VLAN by port
!
vlan 7 name DNS by port
tagged ethe 1 to 4
!
vlan 80 name WEB by port
tagged ethe 1 to 4
no spanning-tree
management-vlan
default-gateway 10.1.163.225 1
!
ip address 10.1.163.226 255.255.255.224
!
interface ethernet 1
link-aggregate active
!
interface ethernet 2
link-aggregate active
!
interface ethernet 3
link-aggregate active
!
interface ethernet 4
link-aggregate active
!
Jeff
More information about the foundry-nsp
mailing list