思科接口和模块 : 思科内容交换模块

服务器负载均衡的内容交换模块和对真实服务器直接访问的配置示例

2016 年 10 月 24 日 - 机器翻译
其他版本: PDFpdf | 英语 (2015 年 8 月 22 日) | 反馈


目录


简介

内容交换模块(CSM)可以被添加到有运行本地IOS的多层交换机特性卡(MSFC)的一台Catalyst 6500。此模块允许最终性能,当负载均衡流量对多个服务器或防火墙。

一般,当您使用CSM时,直接访问对服务器不是可用的。然而,此配置使用各自的IP地址为了直接地到达服务器。此配置通过虚拟地址也表示对服务器的负载均衡连接。

先决条件

要求

本文档没有任何特定的要求。

使用的组件

本文档中的信息基于以下软件和硬件版本:

  • Cisco IOS�软件版本12.1(11b)E1

  • Catalyst 6000

  • ROM :系统引导,版本12.0(3)XE,发行软件

  • BOOTLDR :MSFC软件(C6MSFC-BOOT-M),版本12.1(3a)E4,早期软件发行(fc1)

本文档中的信息都是基于特定实验室环境中的设备编写的。本文档中使用的所有设备最初均采用原始(默认)配置。如果您使用的是真实网络,请确保您已经了解所有命令的潜在影响。

规则

有关文档规则的详细信息,请参阅 Cisco 技术提示规则

配置

本部分提供有关如何配置本文档所述功能的信息。

使用命令查找工具仅限注册用户)可获取有关本部分所使用命令的详细信息。

网络图

本文档使用以下网络设置:

/image/gif/paws/26290/csm_slb_reals-a.gif

配置

为了完成此配置,请遵从这些步骤:

  1. 配置在交换机的VLAN。

    Router#vlan database
    Router(vlan)#vlan 10
    VLAN 10 added:
        Name: VLAN0010
    Router(vlan)#vlan 50
    VLAN 50 added:
        Name: VLAN0050
    Router(vlan)#exit 
    APPLY completed.
    Exiting....
  2. 配置交换机的端口。

    Router#conf t
    Enter configuration commands, one per line.  End with CNTL/Z.
    Router(config)#int fa 4/1
    Router(config-if)#switchport
    Router(config-if)#switchport access vlan 10
    Router(config-if)#no shut
    Router(config-if)#int fa 4/46
    Router(config-if)#switchport
    Router(config-if)#switchport access vlan 50
    Router(config-if)#no shut
    Router(config-if)#int fa 4/47
    Router(config-if)#switchport
    Router(config-if)#switchport access vlan 50
    Router(config-if)#no shut
    Router(config-if)#int fa 4/48
    Router(config-if)#switchport
    Router(config-if)#switchport access vlan 50
    Router(config-if)#no shut   
    Router(config-if)#int fa 4/45
    Router(config-if)#switchport
    Router(config-if)#switchport access vlan 50
    Router(config-if)#no shut
    Router(config-if)#exit
    
  3. 配置在MSFC的接口VLAN客户端的VLAN。

    Router(config-if)#interface vlan 10
    Router(config-if)#ip address 172.17.63.229 255.255.255.192
    Router(config-if)#no shut
    Router(config-if)#exit
    
  4. 配置在MSFC的路由。

    Router(config)#ip route 10.0.0.0 255.255.255.0 172.17.63.233
    Router(config)#ip route 0.0.0.0 0.0.0.0 172.17.63.193
    Router(config)#
  5. 配置CSM服务器VLAN。

    Router(config)#module csm 3
    Router(config-module-csm)#vlan 50 server
    Route(config-slb-vlan-server)#ip address 10.0.0.1 255.255.255.0
    Route(config-slb-vlan-server)#gateway 172.17.63.229
    
  6. 通过配置IP地址和网关配置CSM客户端VLAN。

     Route(config-slb-vlan-server)#vlan 10 client
     Route(config-slb-vlan-client)#ip address 172.17.63.233 255.255.255.192
     Route(config-slb-vlan-client)#gateway 172.17.63.229
     Route(config-slb-vlan-client)#exit
     Router(config-slb-sfarm)#
    
  7. 配置直接访问的serverfarm。

    Router(config-module-csm)#serverfarm SERVER-SUBNETS
    Router(config-slb-sfarm)#predictor forward
    Router(config-slb-sfarm)#exit
    
  8. 配置直接访问的vserver。

    Router(config-module-csm)#vserver DIRECT-ACCESS
    Router(config-slb-vserver)#virtual 10.0.0.0 255.255.255.0 any
    Router(config-slb-vserver)#serverfarm SERVER-SUBNETS
    Router(config-slb-vserver)#inservice
    Router(config-slb-vserver)#exit
    Router(config-module-csm)#exit
    
  9. 配置服务器的serverfarm。

    Router(config-module-csm)#serverfarm SERVERS
    Router(config-slb-sfarm)#nat server
    Router(config-slb-sfarm)#no nat client
    Router(config-slb-sfarm)#real 10.0.0.10
    Router(config-slb-real)#inservice
    Router(config-slb-real)#real 10.0.0.11
    Router(config-slb-real)#inservice
    Router(config-slb-real)#real 10.0.0.12
    Router(config-slb-real)#inservice
    Router(config-slb-real)#real 10.0.0.13
    Router(config-slb-real)#inservice
    Router(config-slb-real)#exit
    
  10. 配置负载均衡的流量的vserver。

    Router(config-slb-sfarm)#vserver MYSITE
    Router(config-slb-vserver)#virtual 172.17.63.231 any
    Router(config-slb-vserver)#serverfarm SERVERS
    Router(config-slb-vserver)#inservice
    Router(config-slb-vserver)#exit
    Router(config-module-csm)#serverfarm SERVER-SUBNETS
    Router(config-slb-sfarm)#predictor forward
    Router(config-slb-sfarm)#exit
    Router(config-module-csm)#exit
    Router(config)#exit
    Router#wr mem
    Building configuration...
    
    01:44:58: %SYS-5-CONFIG_I: Configured from console by console[OK]

验证

使用本部分可确认配置能否正常运行。

  1. 查看配置。

    Router#show run
    Building configuration...
    
    Current configuration : 4071 bytes
    !
    version 12.1
    service timestamps debug uptime
    service timestamps log uptime
    no service password-encryption
    !
    hostname Router
    !
    boot bootldr bootflash:c6msfc-boot-mz.121-3a.E4
    !
    redundancy
     main-cpu
      auto-sync standard
    ip subnet-zero
    !
    !
    !
    mls qos statistics-export interval 300
    mls qos statistics-export delimiter |
    module ContentSwitchingModule 3 
     vlan 50 server
      ip address 10.0.0.1 255.255.255.0
    !
     vlan 10 client
      ip address 172.17.63.233 255.255.255.192
      gateway 172.17.63.229
    !
     serverfarm SERVER-SUBNETS
      nat server 
      no nat client
      predictor forward
    !
     serverfarm SERVERS
    nat server 
      no nat client
      real 10.0.0.10
       inservice
      real 10.0.0.11
       inservice
      real 10.0.0.12
       inservice
      real 10.0.0.13
       inservice
    !
     vserver DIRECT-ACCESS
      virtual 10.0.0.0 255.255.255.0 any
      serverfarm SERVER-SUBNETS
      persistent rebalance
      inservice
    !
     vserver MYSITE
      virtual 172.17.63.231 any
      serverfarm SERVERS
      persistent rebalance
      inservice
    !
    !
    !
    !
    interface GigabitEthernet1/1
     no ip address
     shutdown
    !
    interface GigabitEthernet1/2
     no ip address
     shutdown
    !
    interface FastEthernet4/1
     no ip address
     switchport
     switchport access vlan 10
    !
    interface FastEthernet4/2
     no ip address
     shutdown
    !
    interface FastEthernet4/3
     no ip address
     shutdown
    !
    !
    
    --- output suppressed ---
    
    !
    !
    interface FastEthernet4/43
     no ip address
     shutdown
    !
    interface FastEthernet4/44
     no ip address
     shutdown
    !
    interface FastEthernet4/45
     no ip address
     switchport
     switchport access vlan 50
    !
    interface FastEthernet4/46
     no ip address
     switchport
     switchport access vlan 50
    !
    interface FastEthernet4/47
     no ip address
     switchport
     switchport access vlan 50
    !
    interface FastEthernet4/48
     no ip address
     switchport
     switchport access vlan 50
    !
    interface Vlan1
     no ip address
     shutdown
    !
    interface Vlan10
     ip address 172.17.63.229 255.255.255.192
    !
    ip classless
    ip route 0.0.0.0 0.0.0.0 172.17.63.193
    ip route 10.0.0.0 255.255.255.0 172.17.63.233
    no ip http server
    !
    !
    !
    line con 0
    line vty 0 4
    !
    end
    
  2. 验证VLAN在交换处理器配置。

    Router#show vlan
    VLAN Name                             Status    Ports
    ---- -------------------------------- --------- -------------------------------
    1    default                          active    
    1002 fddi-default                     active    
    1003 token-ring-default               active    
    1004 fddinet-default                  active    
    1005 trnet-default                    active    
    
    VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
    ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
    1    enet  100001     1500  -      -      -        -    -        0      0   
    1002 fddi  101002     1500  -      -      -        -    -        0      0   
    1003 tr    101003     1500  -      -      -        -    -        0      0   
    1004 fdnet 101004     1500  -      -      -        ieee -        0      0   
    1005 trnet 101005     1500  -      -      -        ibm  -        0      0   
    
    Primary Secondary Type              Ports
    ------- --------- ----------------- ------------------------------------------
    
    Router#
  3. 验证模块在他们适当的slot。

    Router# show module
    Mod Ports Card Type                              Model              Serial No.
    --- ----- -------------------------------------- ------------------ -----------
      1    2  Cat 6k sup 1 Enhanced QoS (Active)     WS-X6K-SUP1A-2GE   SAD05020E10
      3    0  SLB Application Processor Complex      WS-X6066-SLB-APC   SAD051102E1
      4   48  48 port 10/100 mb RJ45                 WS-X6348-RJ-45     SAL05073TGR
    
    Mod MAC addresses                       Hw    Fw           Sw           Status
    --- ---------------------------------- ------ ------------ ------------ -------
      1  0001.c9b0.3b6c to 0001.c9b0.3b6d   7.0   5.4(2)       7.2(0.35)    Ok      
      3  0030.f271.5d28 to 0030.f271.5d2f   1.2                2.2(2a)      Ok      
      4  0004.de83.4530 to 0004.de83.455f   2.0   5.4(2)       7.2(0.35)    Ok      
    
    Mod Sub-Module                  Model           Serial           Hw     Status 
    --- --------------------------- --------------- --------------- ------- -------
      1 Policy Feature Card         WS-F6K-PFC      SAD05020NYT      1.1    Ok     
      1 MSFC Cat6k daughterboard    WS-F6K-MSFC     SAD05020B9A      1.4    Ok 
  4. 检查您的Reals。

    Router#show modu csm 3 reals
    
    real                  server farm      weight  state          conns
    -------------------------------------------------------------------
    10.0.0.10             SERVERS          8       OPERATIONAL    0        
    10.0.0.11             SERVERS          8       OPERATIONAL    0        
    10.0.0.12             SERVERS          8       OPERATIONAL    0        
    10.0.0.13             SERVERS          8       FAILED         0        
    Router#
  5. 检查您的vserver。

    Router#show module csm 3 vservers
    
    slb vserver      prot  virtual                  vlan  state         conns  
    ---------------------------------------------------------------------------
    DIRECT-ACCESS    any   10.0.0.0/24:0            ALL   OPERATIONAL   0       
    MYSITE           any   172.17.63.231/32:0       ALL   OPERATIONAL   1       
    Router#show module csm 3 ?
      arp           SLB arp cache listing
      capp          SLB Content Application Peering Protocol information
      conns         SLB connection information
      dfp           SLB DFP manager information
      ft            SLB ft information
      map           SLB map information
      memory        SLB memory information
      natpools      SLB client nat pool information
      policy        SLB policy information
      probe         SLB probe information
      reals         SLB real server information
      serverfarms   SLB server farm information
      static        SLB static server NAT information
      stats         SLB Statistics
      status        SLB status information
      sticky        SLB sticky database
      tech-support  SLB tech debug information
      vlan          SLB vlan information
      vservers      SLB virtual server information
  6. 检查在CSM的连接。

    Router#show module csm 3 conns
    
        prot vlan source                destination           state       
    ----------------------------------------------------------------------
    In  TCP  10   171.71.78.140:53141   172.17.63.231:23      ESTAB       
    Out TCP  50   10.0.0.11:23          171.71.78.140:53141   ESTAB       
    
    In  UDP  50   10.0.0.11:1130        192.168.1.1:161       ESTAB       
    Out UDP  10   192.168.1.1:161       10.0.0.11:1130        ESTAB 
  7. 检查在模块的统计信息。

    Router#show module csm 3 stats
    Connections Created:        6
    Connections Destroyed:      5
    Connections Current:        1
    Connections Timed-Out:      0
    Connections Failed:         0
    Server initiated Connections:
          Created: 13, Current: 0, Failed: 13
    L4 Load-Balanced Decisions: 18
    L4 Rejected Connections:    1
    L7 Load-Balanced Decisions: 0
    L7 Rejected Connections:
          Total: 0, Parser: 0,
          Reached max parse len: 0, Cookie out of mem: 0,
          Cfg version mismatch: 0, Bad SSL2 format: 0
    L4/L7 Rejected Connections:
          No policy: 0, No policy match 0,
          No real: 1, ACL denied 0,
          Server initiated: 0
    Checksum Failures:  IP: 0, TCP: 0
    Redirect Connections: 0,  Redirect Dropped: 0
    FTP Connections:            0
    MAC Frames:
          Tx: Unicast: 709, Multicast: 0, Broadcast: 155,
              Underflow Errors: 0
          Rx: Unicast: 723, Multicast: 1433, Broadcast: 83,
              Overflow Errors: 0, CRC Errors: 0
  8. 检查在serverfarm的其他详细信息。

    Router#show module csm 3 serverfarms detail
    SERVER-SUBNETS, predictor = Forward, nat = SERVER
      virtuals inservice: 1, reals = 0, bind id = 0, fail action = none
      inband health config: <none<
      retcode map = <none<
      Total connections = 0
    
    SERVERS, predictor = RoundRobin, nat = SERVER
      virtuals inservice: 1, reals = 4, bind id = 0, fail action = none
      inband health config: <none<
      retcode map = <none<
      Real servers:
        10.0.0.10, weight = 8, OPERATIONAL, conns = 0
        10.0.0.11, weight = 8, OPERATIONAL, conns = 0
        10.0.0.12, weight = 8, OPERATIONAL, conns = 0
        10.0.0.13, weight = 8, FAILED, conns = 0
      Total connections = 0
    
    Router#
    Router#show module csm 3 conns ?
      client   conns associated with a specific client IP address
      detail   Detailed output
      vserver  conns associated with a specific vserver
      |        Output modifiers
      <cr>
  9. 检查在vserver的其他详细信息。

    Router#show module csm 3 vservers detail
    DIRECT-ACCESS, state = OPERATIONAL, v_index = 10
      virtual = 10.0.0.0/24:0, any, service = NONE, advertise = FALSE
      idle = 3600, replicate csrp = none, vlan = ALL, pending = 30
      max parse len = 600, persist rebalance = TRUE
      conns = 1, total conns = 1
      Default policy:
        server farm = SERVER-SUBNETS
        sticky: timer = 0, subnet = 0.0.0.0, group id = 0
      Policy           Tot Conn     Client pkts  Server pkts
      ------------------------------------------------------
      (default)        1            27           19           
    
    MYSITE, state = OPERATIONAL, v_index = 11
      virtual = 172.17.63.231/32:0, any, service = NONE, advertise = FALSE
      idle = 3600, replicate csrp = none, vlan = ALL, pending = 30
      max parse len = 600, persist rebalance = TRUE
      conns = 0, total conns = 8
      Default policy:
        server farm = SERVERS
        sticky: timer = 0, subnet = 0.0.0.0, group id = 0
      Policy           Tot Conn     Client pkts  Server pkts
      ------------------------------------------------------
      (default)        8            539          405  

故障排除

目前没有针对此配置的故障排除信息。


相关信息


Document ID: 26290