Getting Started Guide vA5(1.0), Cisco ACE 4700 Series Application Control Engine Appliance - Configuring Bridged Mode [Cisco ACE 4700 Series Application Control Engine Appliances]

Table Of Contents

Configuring Bridged Mode

Information About Configuring Bridged Mode

Prerequisites

Guidelines and Limitations

Configuring Bridged Mode on the ACE

Configuring Server Load Balancing

Configuring Bridged Mode Using the Device Manager GUI

Configuring Bridged Mode Using the CLI

Configuration Example for Bridged Mode

Where to Go Next

Configuring Bridged Mode

This chapter describes how to configure the ACE to bridge traffic on a single IP subnet.

This chapter includes the following topics:

•Information About Configuring Bridged Mode

•Prerequisites

•Guidelines and Limitations

•Configuring Bridged Mode on the ACE

•Configuration Example for Bridged Mode

•Where to Go Next

Information About Configuring Bridged Mode

After reading this chapter, you should have a basic understanding of bridged mode, how it works in the ACE, and how to configure it.

Up to this point in this guide, you have been configuring the ACE in routed mode. Routed mode treats the ACE as a next hop in the network, typically with a client-side VLAN and a server-side VLAN in different IP subnets or even in different IP networks. The VLAN interfaces rely on IP addresses to route packets from one subnet or network to another.

In bridged mode, the ACE bridges traffic between two VLANs in the same IP subnet. The VLAN facing the WAN is the client-side VLAN. The VLAN facing the data center is the server-side VLAN. A bridge group virtual interface (BVI) joins the two VLANs into one bridge group.

As traffic passes through the client-side VLAN, the ACE evaluates the traffic with the configured service policy. Traffic that matches a policy is redirected to a server that has a dedicated VLAN interface configured on the ACE. Traffic leaving the server goes to the ACE, where it is directed out of the server side VLAN to the origin server. Traffic is routed by means of static routing. No dynamic routing protocols are required.

For more detailed information about both bridged mode and routed mode, see the Routing and Bridging Guide, Cisco ACE Application Control Engine.

Prerequisites

Bridged mode on an ACE has the following prerequisites:

•Contact your network administrator to determine which VLANs and addresses are available for use by the ACE.

•Configure a default route on the ACE to identify an IP address for the ACE to send all IP packets for which it does not have a route (see the "Enabling Management Connectivity Using the Setup Script" section in Chapter , "Setting Up an ACE Appliance").

•Configure an access list to allow traffic (see the "Configuring an ACL" section in Chapter , "Configuring Access Control Lists").

Guidelines and Limitations

Bridged mode on the ACE has the following configuration guidelines and limitations:

•The ACE supports 4,094 BVIs per system.

•The ACE supports a maximum of 8,192 interfaces per system that include VLANs, shared VLANs, and BVI interfaces.

•When you configure a bridge group on an interface VLAN, the ACE automatically makes it a bridged interface.

•The ACE supports a maximum of two Layer 2 interface VLANs per bridge group.

•The ACE does not allow shared VLAN configurations on Layer 2 interfaces.

•Because Layer 2 VLANs are not associated with an IP address, they require extended access control lists (ACLs) for controlling IP traffic. You can also optionally configure EtherType ACLs to pass non-IP traffic.

•The ACE does not perform MAC address learning on a bridged interface. Instead, learning is performed by ARP. Bridge lookup is based on the bridge-group identifier and destination MAC address. A bridged interface automatically sends multicast and broadcast bridged traffic to the other interface of the bridge group.

•ARP packets are always passed through an Layer 2 interface after their verification and inspection. Multicast and broadcast packets from the incoming interface are flooded to the other L2 interface in the bridge group.

•The server default gateway is the upstream router.

•By default, the ACE performs a route lookup to select the next hop to reach the client. We recommend using the mac-sticky feature, rather than the static default route, to send return traffic back in response to the client connection.

This chapter describes how to configure bridged mode using the example shown in Figure 12-1.

Figure 12-1 Example of Bridged Mode

The configuration of the example setup is as follows:

•A virtual server VS_WEB2 is created with a virtual IP address 10.15.3.100 to forward the client traffic from VLAN 40 to the servers in VLAN 41.

•There are four real servers grouped into the server farm SF_WEB2.

•VLAN 40 is assigned to the ACE and is used for client-side traffic. VLAN 41 is assigned to the ACE and is used for server-side traffic.

•A BVI with the IP address 10.15.3.5 configures the two VLANs into one bridge group.

Configuring Bridged Mode on the ACE

To configure bridged mode, you can use either the ACE Device Manager user interface (GUI) or the CLI.

•Configuring Server Load Balancing

•Configuring Bridged Mode Using the Device Manager GUI

•Configuring Bridged Mode Using the CLI

Configuring Server Load Balancing

Procedure

Step 1 Add the four real servers (see the "Configuring Real Servers" section in Chapter , "Configuring Server Load Balancing"), using the following real server names, descriptions, and IP addresses and place each server in service:

•Name: RS_WEB5, Description: content server web-five, IP Address: 10.15.3.11

•Name: RS_WEB6, Description: content server web-six, IP Address: 10.15.3.12

•Name: RS_WEB7, Description: content server web-seven, IP Address: 10.15.3.13

•Name: RS_WEB8, Description: content server web-eight, IP Address: 10.15.3.14

Step 2 Group these real servers into a server farm (see the "Creating a Server Farm" section in Chapter , "Configuring Server Load Balancing") and place each server in service. In this example, name the server farm SF_WEB2.

Step 3 Configure a TCP probe to check the health of all the real servers in the server farm and associate the probe with the server farm. See the "Configuration Example for Bridged Mode" section.

Step 4 Create a virtual server traffic policy (see "Creating a Virtual Server Traffic Policy" section in Chapter , "Configuring Server Load Balancing"). For this example, do the following:

•Create a Layer 7 policy map for the action when the client request arrives and is sent to the server farm, name the load-balancing policy HTTP_LB, configure a default class map, and associate the server farm SF_WEB2.

•Create a Layer 3 and Layer 4 class map to define the VIP where the clients will send their requests, and name the class map VS_WEB2 with a match virtual address of 10.15.3.100 with a match on any port.

•Create a Layer 3 and Layer 4 multi-match policy map to direct classified incoming requests to the load-balancing policy map. In this example, name the policy HTTP_MULTI_MATCH, associate the VS_WEB2 class map and the HTTP_LB policy map. and then enable the VIP for load-balancing operations by placing it in service.

Configuring Bridged Mode Using the Device Manager GUI

Configure bridged mode using the Device Manager user interface by following these steps:

Step 1 Choose VC_web in the virtual contexts drop-down list.

Step 2 Perform the following actions to configure interface attributes for the client-side and server-side VLANs.

a. Select Config > Virtual Contexts > Network > VLAN Interfaces. The VLAN Interface table appears.

b. Click Add (+) to add a new VLAN interface. Click More Settings to access the additional VLAN interface attributes. By default, ACE appliance Device Manager hides the default VLAN interface attributes and the VLAN interface attributes which are not commonly used.

c. Enter the following interface attributes for the client-side VLAN. Leave the remaining attributes blank or with their default values.

•VLAN: 40

•Description: Client_side

•Interface Type: Bridged

•BVI: 1

•Admin Status: Up

•Input Policies: HTTP_MULTI_MATCH

•Input Access Group: INBOUND

d. Click Deploy Now to deploy this configuration on the ACE and save your entries to the running-configuration and startup-configuration files. Then, choose VLAN Interfaces to return to the VLAN Interfaces pane

e. Enter the following interface attributes for the server-side VLAN. Leave the remaining attributes blank or with their default values.

•VLAN: 41

•Description: Server_side

•Interface Type: Bridged

•BVI: 1

•Admin Status: Up

•Input Policies: HTTP_MULTI_MATCH

•Input Access Group: INBOUND

f. Click Deploy Now to deploy this configuration on the ACE and save your entries to the running-configuration and startup-configuration files. Then, choose VLAN Interfaces to return to the VLAN Interfaces pane.

g. (Optional) To display statistics and status information for a VLAN interface, choose the VLAN interface from the VLAN Interface table, then click Details. The show interface vlan CLI command output appears.

Step 3 Perform the following actions to create the BVI.

a. Select Config > Virtual Contexts > Network > BVI Interfaces. The BVI Interface tables appears.

b. Click Add (+) to add a new BVI interface.

c. Enter the following interface attributes for the BVI. Leave the remaining attributes blank or with their default values.

•BVI: 1

•Description: Client and server bridge group 1

•IP Address: 10.15.3.5

•Netmask: 255.255.255.0

•Admin Status: Up

•First VLAN: 40

•First VLAN Description: Client_side

•Second VLAN: 41

•Second VLAN Description: Server_side

d. Click Deploy Now to deploy this configuration on the ACE and save your entries to the running-configuration and startup-configuration files. Then, choose BVI Interfaces to return to the VLAN Interfaces pane.

e. (Optional) To display statistics and status information for a BVI interface, choose the BVI interface from the BVI Interface table, then click Details. The show interface bvi, show ipv6 interface bvi, and show ipv6 neighbors CLI commands appear.

Configuring Bridged Mode Using the CLI

You can configure bridged mode by creating the client-side and the server side VLANs on the ACE and associating them with a BVI.

Configure the VLANs and a BVI using the CLI by following these steps:

Step 1 Verify that you are operating in the desired context by checking the CLI prompt. If necessary, change to the correct context.
host1/Admin# changeto VC_web
host1/VC_web#
Step 2 Enter configuration mode.
host1/VC_web# config
host1/VC_web(config)#
Step 3 Accesses the interface for the client-side VLAN.
host1/VC_web(config)# interface vlan 40
host1/VC_web(config-if)#
Step 4 Enter a description of the VLAN.
host1/VC_web(config-if)# description Client_side
Step 5 Assign the VLAN to the BVI.
host1/VC_web(config-if)# bridge-group 1
Step 6 Apply the ACL to the VLAN.
host1/VC_web(config-if)# access-group input INBOUND
Step 7 Apply the multi-match policy map to the VLAN.
host1/VC_web(config-if)# service-policy input HTTP_MULTI_MATCH
Step 8 Place the VLAN in service.
host1/VC_web(config-if)# no shutdown
Step 9 Exit interface configuration mode.
host1/VC_web(config-if)# exit
host1/VC_web(config)#
Step 10 Access the interface for the server-side VLAN.
host1/VC_web(config)# interface vlan 41
host1/VC_web(config-if)#
Step 11 Enter a description of the VLAN.
host1/VC_web(config-if)# description Server_side
Step 12 Assign the VLAN to the BVI.
host1/VC_web(config-if)# bridge-group 1
Step 13 Place the VLAN in service.
host1/VC_web(config-if)# no shutdown
Step 14 Exit interface configuration mode.
host1/VC_web(config-if)# exit
host1/VC_web(config)#
Step 15 Create the BVI.
host1/VC_web(config)# interface bvi 1
host1/VC_web(config-if)#
Step 16 Enter a description of the BVI.
host1/VC_web(config-if)# description Client and server bridge group 1
Step 17 Assign an IP address and network mask to the BVI interface.
host1/VC_web(config-if)# ip address 10.15.3.5 255.255.255.0
Step 18 Place the BVI in service.
host1/VC_web(config-if)# no shutdown
Step 19 Return to Exec mode directly from any configuration mode.
host1/Admin(config-if)# Ctrl-Z
host1/Admin#
Step 20 Display the interface configuration.
host1/Admin# show running-config interface
Step 21 Display the status and statistics for the BVI interface.
host1/Admin# show interface bvi 1
Step 22 (Optional) Copy the running configuration to the startup configuration.

host1/Admin# copy running-config startup-config

Configuration Example for Bridged Mode

The following running configuration example shows a basic bridged mode configuration. The commands that you have configured in this chapter appear in bold text.
access-list INBOUND extended permit ip any
probe tcp TCP_PROBE1
rserver host RS_WEB5
description content server web-five
ip address 10.15.3.11
inservice
rserver host RS_WEB6
description content server web-six
ip address 10.15.3.12
inservice
rserver host RS_WEB7
description content server web-seven
ip address 10.15.3.13
inservice
rserver host RS_WEB8
description content server web-eight
ip address 10.15.3.14
inservice
serverfarm SF_WEB2
    probe TCP_PROBE1
rserver RS_WEB5 80
inservice
rserver RS_WEB6 80
inservice
rserver RS_WEB7 80
inservice
rserver RS_WEB8 80
inservice
policy-map type loadbalance first-match HTTP_LB
class class-default
serverfarm SF_WEB2
class-map VS_WEB2
match virtual-address 10.15.3.100 any
policy-map multi-match HTTP_MULTI_MATCH
class VS_WEB2
loadbalance policy HTTP_LB
loadbalance vip inservice
interface bvi 1
description Client and server bridge group 1
ip address 10.15.3.5 255.255.255.0
no shutdown
interface vlan 40
description Client_side
bridge-group 1
access-group input INBOUND
service-policy input HTTP_MULTI_MATCH
no shutdown
interface vlan 41
description Server-side
bridge-group 1
no shutdown
context VC_web
allocate-interface vlan 40
allocate-interface vlan 41
member RC_WEB
ip route 0.0.0.0 0.0.0.0 10.15.3.1
Where to Go Next

In this chapter, you have learned how to configure bridged mode on your ACE. In the next chapter, you will learn how to configure your ACE for "one-arm" mode.

	Getting Started Guide vA5(1.0), Cisco ACE 4700 Series Application Control Engine Appliance
	Configuring Bridged Mode
Getting Started Guide vA5(1.0), Cisco ACE 4700 Series Application Control Engine Appliance Preface Overview Setting Up an ACE Appliance Creating a Virtual Context Configuring Access Control Lists Configuring Role-Based Access Control Configuring Server Load Balancing Configuring a Load-Balancing Predictor Configuring Server Persistence Using Stickiness Configuring SSL Security Configuring Health Monitoring Using Health Probes Configuring Redundant ACEs Configuring Bridged Mode Configuring One-Arm Mode Index	Download this chapter Configuring Bridged Mode Download the complete book Getting Started Guide v 5.1(0), Cisco ACE 4700 Series Application Control Engine Appliance (Book-Length PDF) (PDF - 1 MB) Feedback Table Of Contents Configuring Bridged Mode Information About Configuring Bridged Mode Prerequisites Guidelines and Limitations Configuring Bridged Mode on the ACE Configuring Server Load Balancing Configuring Bridged Mode Using the Device Manager GUI Configuring Bridged Mode Using the CLI Configuration Example for Bridged Mode Where to Go Next Configuring Bridged Mode This chapter describes how to configure the ACE to bridge traffic on a single IP subnet. This chapter includes the following topics: •Information About Configuring Bridged Mode •Prerequisites •Guidelines and Limitations •Configuring Bridged Mode on the ACE •Configuration Example for Bridged Mode •Where to Go Next Information About Configuring Bridged Mode After reading this chapter, you should have a basic understanding of bridged mode, how it works in the ACE, and how to configure it. Up to this point in this guide, you have been configuring the ACE in routed mode. Routed mode treats the ACE as a next hop in the network, typically with a client-side VLAN and a server-side VLAN in different IP subnets or even in different IP networks. The VLAN interfaces rely on IP addresses to route packets from one subnet or network to another. In bridged mode, the ACE bridges traffic between two VLANs in the same IP subnet. The VLAN facing the WAN is the client-side VLAN. The VLAN facing the data center is the server-side VLAN. A bridge group virtual interface (BVI) joins the two VLANs into one bridge group. As traffic passes through the client-side VLAN, the ACE evaluates the traffic with the configured service policy. Traffic that matches a policy is redirected to a server that has a dedicated VLAN interface configured on the ACE. Traffic leaving the server goes to the ACE, where it is directed out of the server side VLAN to the origin server. Traffic is routed by means of static routing. No dynamic routing protocols are required. For more detailed information about both bridged mode and routed mode, see the Routing and Bridging Guide, Cisco ACE Application Control Engine. Prerequisites Bridged mode on an ACE has the following prerequisites: •Contact your network administrator to determine which VLANs and addresses are available for use by the ACE. •Configure a default route on the ACE to identify an IP address for the ACE to send all IP packets for which it does not have a route (see the "Enabling Management Connectivity Using the Setup Script" section in Chapter , "Setting Up an ACE Appliance"). •Configure an access list to allow traffic (see the "Configuring an ACL" section in Chapter , "Configuring Access Control Lists"). Guidelines and Limitations Bridged mode on the ACE has the following configuration guidelines and limitations: •The ACE supports 4,094 BVIs per system. •The ACE supports a maximum of 8,192 interfaces per system that include VLANs, shared VLANs, and BVI interfaces. •When you configure a bridge group on an interface VLAN, the ACE automatically makes it a bridged interface. •The ACE supports a maximum of two Layer 2 interface VLANs per bridge group. •The ACE does not allow shared VLAN configurations on Layer 2 interfaces. •Because Layer 2 VLANs are not associated with an IP address, they require extended access control lists (ACLs) for controlling IP traffic. You can also optionally configure EtherType ACLs to pass non-IP traffic. •The ACE does not perform MAC address learning on a bridged interface. Instead, learning is performed by ARP. Bridge lookup is based on the bridge-group identifier and destination MAC address. A bridged interface automatically sends multicast and broadcast bridged traffic to the other interface of the bridge group. •ARP packets are always passed through an Layer 2 interface after their verification and inspection. Multicast and broadcast packets from the incoming interface are flooded to the other L2 interface in the bridge group. •The server default gateway is the upstream router. •By default, the ACE performs a route lookup to select the next hop to reach the client. We recommend using the mac-sticky feature, rather than the static default route, to send return traffic back in response to the client connection. This chapter describes how to configure bridged mode using the example shown in Figure 12-1. Figure 12-1 Example of Bridged Mode The configuration of the example setup is as follows: •A virtual server VS_WEB2 is created with a virtual IP address 10.15.3.100 to forward the client traffic from VLAN 40 to the servers in VLAN 41. •There are four real servers grouped into the server farm SF_WEB2. •VLAN 40 is assigned to the ACE and is used for client-side traffic. VLAN 41 is assigned to the ACE and is used for server-side traffic. •A BVI with the IP address 10.15.3.5 configures the two VLANs into one bridge group. Configuring Bridged Mode on the ACE To configure bridged mode, you can use either the ACE Device Manager user interface (GUI) or the CLI. •Configuring Server Load Balancing •Configuring Bridged Mode Using the Device Manager GUI •Configuring Bridged Mode Using the CLI Configuring Server Load Balancing Procedure Step 1 Add the four real servers (see the "Configuring Real Servers" section in Chapter , "Configuring Server Load Balancing"), using the following real server names, descriptions, and IP addresses and place each server in service: •Name: RS_WEB5, Description: content server web-five, IP Address: 10.15.3.11 •Name: RS_WEB6, Description: content server web-six, IP Address: 10.15.3.12 •Name: RS_WEB7, Description: content server web-seven, IP Address: 10.15.3.13 •Name: RS_WEB8, Description: content server web-eight, IP Address: 10.15.3.14 Step 2 Group these real servers into a server farm (see the "Creating a Server Farm" section in Chapter , "Configuring Server Load Balancing") and place each server in service. In this example, name the server farm SF_WEB2. Step 3 Configure a TCP probe to check the health of all the real servers in the server farm and associate the probe with the server farm. See the "Configuration Example for Bridged Mode" section. Step 4 Create a virtual server traffic policy (see "Creating a Virtual Server Traffic Policy" section in Chapter , "Configuring Server Load Balancing"). For this example, do the following: •Create a Layer 7 policy map for the action when the client request arrives and is sent to the server farm, name the load-balancing policy HTTP_LB, configure a default class map, and associate the server farm SF_WEB2. •Create a Layer 3 and Layer 4 class map to define the VIP where the clients will send their requests, and name the class map VS_WEB2 with a match virtual address of 10.15.3.100 with a match on any port. •Create a Layer 3 and Layer 4 multi-match policy map to direct classified incoming requests to the load-balancing policy map. In this example, name the policy HTTP_MULTI_MATCH, associate the VS_WEB2 class map and the HTTP_LB policy map. and then enable the VIP for load-balancing operations by placing it in service. Configuring Bridged Mode Using the Device Manager GUI Configure bridged mode using the Device Manager user interface by following these steps: Step 1 Choose VC_web in the virtual contexts drop-down list. Step 2 Perform the following actions to configure interface attributes for the client-side and server-side VLANs. a. Select Config > Virtual Contexts > Network > VLAN Interfaces. The VLAN Interface table appears. b. Click Add (+) to add a new VLAN interface. Click More Settings to access the additional VLAN interface attributes. By default, ACE appliance Device Manager hides the default VLAN interface attributes and the VLAN interface attributes which are not commonly used. c. Enter the following interface attributes for the client-side VLAN. Leave the remaining attributes blank or with their default values. •VLAN: 40 •Description: Client_side •Interface Type: Bridged •BVI: 1 •Admin Status: Up •Input Policies: HTTP_MULTI_MATCH •Input Access Group: INBOUND d. Click Deploy Now to deploy this configuration on the ACE and save your entries to the running-configuration and startup-configuration files. Then, choose VLAN Interfaces to return to the VLAN Interfaces pane e. Enter the following interface attributes for the server-side VLAN. Leave the remaining attributes blank or with their default values. •VLAN: 41 •Description: Server_side •Interface Type: Bridged •BVI: 1 •Admin Status: Up •Input Policies: HTTP_MULTI_MATCH •Input Access Group: INBOUND f. Click Deploy Now to deploy this configuration on the ACE and save your entries to the running-configuration and startup-configuration files. Then, choose VLAN Interfaces to return to the VLAN Interfaces pane. g. (Optional) To display statistics and status information for a VLAN interface, choose the VLAN interface from the VLAN Interface table, then click Details. The show interface vlan CLI command output appears. Step 3 Perform the following actions to create the BVI. a. Select Config > Virtual Contexts > Network > BVI Interfaces. The BVI Interface tables appears. b. Click Add (+) to add a new BVI interface. c. Enter the following interface attributes for the BVI. Leave the remaining attributes blank or with their default values. •BVI: 1 •Description: Client and server bridge group 1 •IP Address: 10.15.3.5 •Netmask: 255.255.255.0 •Admin Status: Up •First VLAN: 40 •First VLAN Description: Client_side •Second VLAN: 41 •Second VLAN Description: Server_side d. Click Deploy Now to deploy this configuration on the ACE and save your entries to the running-configuration and startup-configuration files. Then, choose BVI Interfaces to return to the VLAN Interfaces pane. e. (Optional) To display statistics and status information for a BVI interface, choose the BVI interface from the BVI Interface table, then click Details. The show interface bvi, show ipv6 interface bvi, and show ipv6 neighbors CLI commands appear. Configuring Bridged Mode Using the CLI You can configure bridged mode by creating the client-side and the server side VLANs on the ACE and associating them with a BVI. Configure the VLANs and a BVI using the CLI by following these steps: Step 1 Verify that you are operating in the desired context by checking the CLI prompt. If necessary, change to the correct context. host1/Admin# changeto VC_web host1/VC_web# Step 2 Enter configuration mode. host1/VC_web# config host1/VC_web(config)# Step 3 Accesses the interface for the client-side VLAN. host1/VC_web(config)# interface vlan 40 host1/VC_web(config-if)# Step 4 Enter a description of the VLAN. host1/VC_web(config-if)# description Client_side Step 5 Assign the VLAN to the BVI. host1/VC_web(config-if)# bridge-group 1 Step 6 Apply the ACL to the VLAN. host1/VC_web(config-if)# access-group input INBOUND Step 7 Apply the multi-match policy map to the VLAN. host1/VC_web(config-if)# service-policy input HTTP_MULTI_MATCH Step 8 Place the VLAN in service. host1/VC_web(config-if)# no shutdown Step 9 Exit interface configuration mode. host1/VC_web(config-if)# exit host1/VC_web(config)# Step 10 Access the interface for the server-side VLAN. host1/VC_web(config)# interface vlan 41 host1/VC_web(config-if)# Step 11 Enter a description of the VLAN. host1/VC_web(config-if)# description Server_side Step 12 Assign the VLAN to the BVI. host1/VC_web(config-if)# bridge-group 1 Step 13 Place the VLAN in service. host1/VC_web(config-if)# no shutdown Step 14 Exit interface configuration mode. host1/VC_web(config-if)# exit host1/VC_web(config)# Step 15 Create the BVI. host1/VC_web(config)# interface bvi 1 host1/VC_web(config-if)# Step 16 Enter a description of the BVI. host1/VC_web(config-if)# description Client and server bridge group 1 Step 17 Assign an IP address and network mask to the BVI interface. host1/VC_web(config-if)# ip address 10.15.3.5 255.255.255.0 Step 18 Place the BVI in service. host1/VC_web(config-if)# no shutdown Step 19 Return to Exec mode directly from any configuration mode. host1/Admin(config-if)# Ctrl-Z host1/Admin# Step 20 Display the interface configuration. host1/Admin# show running-config interface Step 21 Display the status and statistics for the BVI interface. host1/Admin# show interface bvi 1 Step 22 (Optional) Copy the running configuration to the startup configuration. host1/Admin# copy running-config startup-config Configuration Example for Bridged Mode The following running configuration example shows a basic bridged mode configuration. The commands that you have configured in this chapter appear in bold text. access-list INBOUND extended permit ip any probe tcp TCP_PROBE1 rserver host RS_WEB5 description content server web-five ip address 10.15.3.11 inservice rserver host RS_WEB6 description content server web-six ip address 10.15.3.12 inservice rserver host RS_WEB7 description content server web-seven ip address 10.15.3.13 inservice rserver host RS_WEB8 description content server web-eight ip address 10.15.3.14 inservice serverfarm SF_WEB2 probe TCP_PROBE1 rserver RS_WEB5 80 inservice rserver RS_WEB6 80 inservice rserver RS_WEB7 80 inservice rserver RS_WEB8 80 inservice policy-map type loadbalance first-match HTTP_LB class class-default serverfarm SF_WEB2 class-map VS_WEB2 match virtual-address 10.15.3.100 any policy-map multi-match HTTP_MULTI_MATCH class VS_WEB2 loadbalance policy HTTP_LB loadbalance vip inservice interface bvi 1 description Client and server bridge group 1 ip address 10.15.3.5 255.255.255.0 no shutdown interface vlan 40 description Client_side bridge-group 1 access-group input INBOUND service-policy input HTTP_MULTI_MATCH no shutdown interface vlan 41 description Server-side bridge-group 1 no shutdown context VC_web allocate-interface vlan 40 allocate-interface vlan 41 member RC_WEB ip route 0.0.0.0 0.0.0.0 10.15.3.1 Where to Go Next In this chapter, you have learned how to configure bridged mode on your ACE. In the next chapter, you will learn how to configure your ACE for "one-arm" mode.
	Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks