[f-nsp] One more ServerIron XL refresher question
William Cooper
wcooper02 at gmail.com
Wed May 5 15:13:47 EDT 2010
The XL also requires server router-ports to be configured, no?
otherwise traffic will hit the floor.
You can run the inline sniffer to see what is happening with the traffic as well
(re: debug filter).
Hope this helps,
-Tony
On 5/5/10, Mike Allen <mkallen at gmail.com> wrote:
> Drew, from the description, it sounds like the traffic is bypassing the SI
> on the return. A quick easy way to test this would be to turn on Source-Nat
> for the real servers, and configure a Source-Ip address. If it works with
> the source-nat, then your return traffic from the servers is going directly
> to the default gateway and the SI is never seeing it to perform the
> reverse-nat (real to vip) on the outbound. Hope that helps.
>
> Mike
>
> On Wed, May 5, 2010 at 6:45 AM, Jamie Dahl <jamied at meatball.net> wrote:
>
>> Is the VIP inline or DSR?
>>
>> Are the servers connected behind the LB or one-arm/next to the LB?
>>
>> do both Vlans/subnets exist on the LB?
>>
>>
>> Jamie Dahl
>> ---
>> "Thousands of tired, nerve-shaken, over-civilized people are beginning to
>> find out that going to the mountains is going home; that wilderness is a
>> necessity; and that mountain parks and reservations are useful not only as
>> fountains of timber and irrigating rivers, but as fountains of life."
>> --John
>> Muir
>>
>>
>>
>>
>>
>>
>> On May 5, 2010, at 9:16 AM, Jared Valentine wrote:
>>
>> What is your client PC ip address and default gateway when you are doing
>>> these tests?
>>>
>>> Thanks,
>>>
>>> Jared Valentine, CISSP
>>> Systems Engineer
>>> Brocade
>>> jvalenti at brocade.com
>>> 801-208-5459 (o)
>>> 801-815-2700 (c)
>>>
>>>
>>> On May 5, 2010, at 6:40 AM, Drew Weaver <drew.weaver at thenap.com> wrote:
>>>
>>> Hey all,
>>>>
>>>>
>>>>
>>>> It's been awhile since i've had to dabble with a SI XL and I am running
>>>> into a snag.
>>>>
>>>>
>>>>
>>>> We have a SI XL that has 3 servers connected to it, port 1 is a 'uplink'
>>>> connection for the servers and port 16 is a connection for the
>>>> management
>>>> port and VIPs.
>>>>
>>>>
>>>>
>>>> The 3 servers and the uplink are all in VLAN 2, and the 'management' is
>>>> in the default VLAN (1).
>>>>
>>>>
>>>>
>>>> Virtual Server Name: app, IP: 10.1.74.35
>>>>
>>>> http -------> server1: 192.168.94.34, http (Active)
>>>>
>>>> server2: 192.168.94.35, http (Active)
>>>>
>>>>
>>>>
>>>> I can get to HTTP if i go directly to http://192.168.94.34 or
>>>> http://192.168.94.35, I am seeing keepalive requests hit the log on both
>>>> of the real servers from the load balancer, but if I go to 10.1.74.35 it
>>>> just hangs forever.
>>>>
>>>>
>>>>
>>>> I can also ping 10.1.74.35 from clients.
>>>>
>>>>
>>>>
>>>> Any clue?
>>>>
>>>>
>>>>
>>>> thanks,
>>>>
>>>> -Drew
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> foundry-nsp mailing list
>>>> foundry-nsp at puck.nether.net
>>>> http://puck.nether.net/mailman/listinfo/foundry-nsp
>>>>
>>> _______________________________________________
>>> foundry-nsp mailing list
>>> foundry-nsp at puck.nether.net
>>> http://puck.nether.net/mailman/listinfo/foundry-nsp
>>>
>>
>> _______________________________________________
>> foundry-nsp mailing list
>> foundry-nsp at puck.nether.net
>> http://puck.nether.net/mailman/listinfo/foundry-nsp
>>
>
More information about the foundry-nsp
mailing list