-
Catalyst 6500 Series Software Configuration Guide, 6.3 and 6.4
-
Product Overview
-
Command-Line Interfaces
-
Configuring the Switch IP Address and Default Gateway
-
Configuring Ethernet, Fast Ethernet, and Gigabit Ethernet Switching
-
Configuring Ethernet VLAN Trunks
-
Configuring EtherChannel
-
Configuring IEEE 802.1Q Tunneling
-
Configuring Spanning Tree
-
Configuring Spanning Tree PortFast, UplinkFast, BackboneFast, and Loop Guard
-
Configuring VTP
-
Configuring VLANs
-
Configuring InterVLAN Routing
-
Configuring CEF for PFC2
-
Configuring MLS
-
Configuring NDE
-
Configuring Access Control
-
Configuring GVRP
-
Configuring Dynamic Port VLAN Membership with VMPS
-
Checking Port Status and Connectivity
-
Administering the Switch
-
Configuring Switch Access Using AAA
-
Configuring Redundancy
-
Modifying the Switch Boot Configuration
-
Working With the Flash File System
-
Working with System Software Images
-
Working with Configuration Files
-
Configuring System Message Logging
-
Configuring DNS
-
Configuring CDP
-
Configuring UDLD
-
Configuring NTP
-
Configuring Broadcast Suppression
-
Configuring Layer 3 Protocol Filtering
-
Configuring the IP Permit List
-
Configuring Port Security
-
Configuring SNMP
-
Configuring RMON
-
Configuring SPAN and RSPAN
-
Using Switch TopN Reports
-
Configuring Multicast Services
-
Configuring QoS
-
Configuring a VoIP Network
-
Configuring ASLB
-
Configuring the Switch Fabric Modules
-
Table Of Contents
Hardware and Software Requirements
Client-to-Server Data Forwarding
Server-to-Client Data Forwarding
Configuring the LocalDirector Interfaces
Backup LocalDirector Configuration (Optional)
Configuring the Switch Ports Connected to the LocalDirector
Specifying Server Virtual-IP Addresses and TCP Ports for Acceleration
Specifying MAC Addresses for Participating Routers
Specifying a MAC Address for the LocalDirector
Specifying the Router VLAN and the LocalDirector Port on the VLAN
Specifying the Server VLAN and the LocalDirector Port on the VLAN
Committing the ASLB Configuration
Displaying the ASLB Configuration
Displaying the ASLB MLS Entries
Displaying the ASLB MLS Statistics
Clearing the ASLB Configuration
ASLB Redundant Configuration Example
Catalyst 6000 Family Switch 1 Configuration
Catalyst 6000 Family Switch 2 Configuration
Troubleshooting the ASLB Configuration
Configuring ASLB
This chapter describes how to configure accelerated server load balancing (ASLB) on the Catalyst 6000 family switches.
Note
For complete syntax and usage information for hte commands used in this chapter, refer to the Catalyst 6000 Family Command Reference publication.
Note
This chapter consists of these sections:
•
•
•
Hardware and Software Requirements
The hardware and software requirements for your ASLB configuration are as follows:
•
–
–
Note
–
•
–
–
•
–
–
–
–
Understanding How ASLB Works
Note
These sections describe ASLB:
•
•
The LocalDirector is a secure, real-time, embedded operating system that intelligently load balances TCP/IP traffic across multiple servers. ASLB enables Catalyst 6000 family switches to cache Cisco LocalDirector load-balancing flows, accelerating the performance of the LocalDirector.
Note
Figure 42-1 shows a network using the ASLB feature. You must connect the LocalDirector to the switch with two links; one link connects to the same VLAN that the router is on and the other link connects to the VLAN that the servers are on. In Figure 42-1, one LocalDirector link is connected to VLAN 10, the router VLAN; the other link is connected to VLAN 20, the server VLAN.
The LocalDirector supports directed mode and dispatched mode. Only the dispatched mode can be supported for ASLB feature implementation on Catalyst 6000 family switches.
Figure 42-1 ASLB Functional Description
Layer 3 Operations for ASLB
You can specify up to 1024 server virtual-IP addresses and TCP port pairs for acceleration by the switch. All traffic for the virtual-IP/port pairs specified is accelerated except for the SYN, FIN, RST, and fragment packets with a non-zero offset. These packets are redirected to both the active and standby LocalDirectors (if a backup LocalDirector is configured).
Layer 2 Operations for ASLB
The Catalyst 6000 family switch content-addressable memory (CAM) table contains entries for the router VLAN and the server VLAN. In the CAM table, the router VLAN has an entry for the MAC address of the LocalDirector associated with a port index, and the server VLAN has entries for the router MAC addresses associated with port indexes. In these port indexes, the ports appear as 0/0. Display system CAM entries by entering the show cam system command.
Table 42-1 shows the entries in the CAM table (the ASLB configuration is shown in Figure 42-1). The first entry identifies the MAC address of the LocalDirector on VLAN 10. The CAM table shows that the MAC address has an Xtag value of 14. This value indicates that the MAC address requires a Layer 3 lookup. The second entry identifies the MAC address of the router and also requires a Layer 3 lookup.
Table 42-1 Layer 2 Table Entries
10
LocalDirector MAC
0/0
14
20
Router MAC2
0/0
14
1 Xtag = The identifier field in the Layer 2 table that identifies the router to which the MAC address belongs.
2 Note that the router MAC address is added on the server VLAN (VLAN 20), not on the router VLAN (VLAN 10).
Client-to-Server Data Forwarding
Figure 42-2 shows how data is forwarded from the router to the servers. Table 42-2 lists the sequence of events, and Table 42-3 lists the Layer 3 table entries.
These sections describe the client-to-server data-forwarding paths:
Path 1
The first packet from the router has a destination MAC address of the LocalDirector and is on VLAN 10. The MAC address has an Xtag value of 14 in the Layer 2 table. This value indicates that it requires a Layer 3 lookup, and the SYN flag is set so the frame goes to port PA.
In addition to forwarding the frame to port PA, the switch hardware creates a "candidate" entry in the Layer 3 forwarding table. This entry is updated later by an "enabler" frame to become a full ASLB Multilayer Switching (MLS) entry.
Path 2
After receiving the frame from port PA, the LocalDirector makes its standard load-balancing decision and forwards the frame to port PB. The LocalDirector changes the destination MAC address to that of the appropriate server. When this frame enters the switch, it is considered an "enabler" frame. The switch hardware does a lookup in the Layer 3 table and searches for the entry created by the previous candidate packet (the packet forwarded through the LocalDirector). If the search was successful, a "hit" occurs in the Layer 3 table.
Path 3—N
The ASLB MLS entry has been created and the next and subsequent frames from the router with a destination MAC address of the LocalDirector MAC will be Layer 3 switched unless the packet has SYN, FIN, or RST flags set or the packet is fragmented.
Path N + 1, N + 2...
On the last frame of a connection, either the FIN or RST flags will be set in the TCP header causing the packet to go to the LocalDirector. The LocalDirector must then forward the frame back to the switch after modifying the destination MAC address to be that of the appropriate server. This redirected frame takes the same path as the first frame of the flow. The FIN packet is used by the LocalDirector as an indication that the connection with the server has been terminated, and by the ASLB to purge the affected ASLB MLS entry.
Figure 42-2 Client to Server ASLB Packet Flow
Table 42-2 Client to Server ASLB Packet Flow
1
10
LocalDirector MAC1
Router MAC
VIP2
CIP3
SYN
Candidate entry in Layer 3 table
2
20
Server MAC4
Router MAC1
VIP
CIP
-
Enabler frame
3—N
10
LocalDirector MAC1
Router MAC
VIP
CIP
-
Full ASLB MLS entry created
N + 1
10
LocalDirector MAC1
Router MAC
VIP
CIP
FIN/RST
Path 1 redirect
N + 2...
20
Server MAC
Router MAC1
VIP
CIP
FIN/RST
Path 2
1 This MAC address has an Xtag value of 14 in the Layer 2 table for this packet's VLAN.
2 VIP = virtual-IP address.
3 CIP = client's IP address.
4 MAC address of the server that the LocalDirector selected.
Table 42-3 Client to Server ASLB Layer 3 Table Entries
VIP1
CIP2
TCP
80/YZ
20
Server MAC3
Router MAC
1 VIP = virtual-IP address.
2 CIP = client's IP address.
3 MAC address of the server that the LocalDirector selected.
Server-to-Client Data Forwarding
Figure 42-3 shows how data is forwarded from the servers to the clients. Table 42-4 lists the sequence of events, and Table 42-5 lists the Layer 3 table entries.
The traffic from the servers to the router or client devices works in the same manner, but in the reverse direction, as the data forwarding described in the "Client-to-Server Data Forwarding" section with the exception that the LocalDirector put its own MAC address as the source of the packet for all packets going to the router. For the traffic in the client-to-server direction, the source MAC address of the packet was unmodified.
Figure 42-3 Server to Client ASLB Packet Flow
Table 42-4 Server to Client ASLB Packet Flow
1
20
Router MAC1
Server MAC2
CIP3
VIP4
SYN
Candidate entry in Layer 3 table
2
10
Router MAC
LocalDirector MAC1
CIP
VIP
-
Enabler packet
3—N
20
Router MAC1
Server MAC
CIP
VIP
-
Full ASLB MLS entry created
N + 1
20
Router MAC1
Server MAC
CIP
VIP
FIN/RST
Path 1 redirect
N +2...
10
Router MAC
LocalDirector MAC1
CIP
VIP
FIN/RST
Path 2
1 This MAC address has an Xtag value of 14 in the Layer 2 table for this packet's VLAN.
2 MAC address of the server that the LocalDirector selected.
3 CIP = client's IP address.
4 VIP = virtual-IP address.
Table 42-5 Server to Client ASLB Layer 3 Table Entries
VIP1
CIP2
TCP
80/YZ
20
Server MAC3
Router MAC
CIP
VIP
TCP
YZ/80
10
Router MAC
LocalDirector MAC
1 VIP = virtual-IP address.
2 CIP = client's IP address.
3 MAC address of the server that the LocalDirector selected.
Cabling Guidelines
Follow these cabling guidelines for your ASLB configuration:
•
•
Caution
See the "Configuring the LocalDirector Interfaces" section to configure the LocalDirector interfaces. See the "Configuring ASLB from the CLI" section to configure the switch.
Configuring ASLB
This section lists the tasks necessary to configure ASLB:
•
•
To implement these tasks, follow the guidelines and use the detailed configuration procedures in the sections that follow.
Configuring the LocalDirector Interfaces
Refer to the Cisco LocalDirector Installation and Configuration Guide, Version 3.2, for detailed information on configuring the LocalDirector interfaces for ASLB.
ASLB Configuration Guidelines
This section lists the usage guidelines and restrictions for configuring ASLB:
•
•
For configuration examples, see the "ASLB Configuration Example" section. If you run into problems during your configuration, see the "Troubleshooting the ASLB Configuration" section.
Routers
Follow these router configuration guidelines:
•
•
•
Servers
Follow these server configuration guidelines:
•
•
•
Caution
•
IP Addresses
Follow these IP address configuration guidelines:
Note
•
•
Configure the network for ASLB is as follows (the virtual-IP address in this example is 171.1.1.200):
171.1.1.1
171.1.1.2
171.1.1.x
1 The default router on each server is 171.1.1.1.
If the servers in your ASLB configuration need to follow RFC 1918 for privacy, use the following as a guideline (the virtual-IP address in this example is 171.1.1.200):
171.1.1.1
171.1.1.2
10.1.1.x (real IP address)
Alias 10.1.1.1
Alias 10.1.1.2
Loopback alias to 171.1.1.200
1 The default router on each server is 10.1.1.1.
Supervisor Engine
Follow these supervisor engine configuration guidelines:
•
•
Backup LocalDirector Configuration (Optional)
Connect the ports on the backup LocalDirector to the switch and specify the server and router configuration using the set lda server and set lda router commands. Connect the active and backup LocalDirectors to their specified ports or the ASLB feature will not work.
MSFC and Multilayer Switching
Follow these Multilayer Switch Feature Card (MSFC) and Multilayer Switching (MLS) configuration guidelines:
•
Note
•
The MLS commands (set mls, clear mls, and show mls) do not interoperate with ASLB (set lda, clear lda, show lda, and commit lda) commands. ASLB uses separate commands to view the LocalDirector MLS entries.
•
NetFlow Data Export
You cannot use NetFlow Data Export (NDE) if you enable ASLB, and you cannot use ASLB if you enable NDE.
VLANs
Follow these VLAN configuration guidelines:
•
•
•
–
–
Switch Port Configuration
Follow these switch port configuration guidelines:
•
•
Configuring ASLB from the CLI
This section describes how to configure ASLB using the Catalyst 6000 family switch lda command set and includes the following descriptions:
•
•
•
•
•
•
•
•
•
•
•
Configuring the Switch Ports Connected to the LocalDirector
To configure the 10/100 Ethernet switch ports connected to the LocalDirector, perform these steps:
Step 1
Step 2
Enter the set port speed mod/port {10 | 100 | auto} command to set the port speed.
Enter the set port duplex mod/port {full | half | auto} command to set the type of duplex.
Enabling and Disabling ASLB
Note
To enable or disable ASLB, perform these tasks in privileged mode:
This example shows how to enable ASLB on the switch:
Console> (enable) set lda enableSuccessfully enabled Local Director Accelerator.Console> (enable)This example shows how to disable ASLB on the switch:
Console> (enable) set lda disableSuccessfully disabled Local Director Accelerator.Console> (enable)Specifying Server Virtual-IP Addresses and TCP Ports for Acceleration
Note
Note
To specify server virtual-IP addresses and TCP ports for acceleration, perform this task in privileged mode:
Specify server virtual-IP addresses and TCP ports for acceleration.
set lda vip {server_virtual_ip} {destination_tcp_port} [{server_virtual_ip} {destination_tcp_port}...]
This example shows how to specify a server virtual-IP address and TCP port for acceleration:
Console> (enable) set lda vip 10.0.0.8 8Successfully set server virtual ip and port information.Use commit lda command to save settings to hardware.Console> (enable)Specifying MAC Addresses for Participating Routers
Note
To specify MAC addresses for participating routers, perform this task in privileged mode:
This example shows how to specify MAC addresses for participating routers:
Console> (enable) set lda mac router 00-23-45-67-ee-7fSuccessfully set mac address.Use commit lda command to save settings to hardware.Console> (enable)Specifying a MAC Address for the LocalDirector
To specify a MAC address for the LocalDirector, perform this task in privileged mode:
This example shows how to specify a MAC address for the LocalDirector:
Console> (enable) set lda mac ld 00-11-22-33-55-66Successfully set mac address.Use commit lda command to save settings to hardware.Console> (enable)Specifying the Router VLAN and the LocalDirector Port on the VLAN
Note
Note
To specify the VLAN the router is on and the LocalDirector port on the VLAN, perform this task in privileged mode:
Specify the router VLAN and the LocalDirector port on the VLAN.
set lda router {router_vlan} {ld_mod/port} [backup_ld_mod/port]
This example shows how to specify the router VLAN and the LocalDirector port on the VLAN:
Console> (enable) set lda router 110 4/26Successfully set router vlan and LD port.Use commit lda command to save settings to hardware.Console> (enable)Specifying the Server VLAN and the LocalDirector Port on the VLAN
Note
Note
To specify the VLAN the server is on and the LocalDirector port on the VLAN, perform this task in privileged mode:
Specify the server VLAN and the LocalDirector port on the VLAN.
set lda server {server_vlan} {ld_mod/port} [backup_ld_mod/port]
This example shows how to specify the server VLAN and the LocalDirector port on the VLAN:
Console> (enable) set lda server 105 4/40Successfully set server vlan and LD port.Use commit lda command to save settings to hardware.Console> (enable)Configuring UDP Aging
To configure User Datagram Protocol (UDP) aging, perform this task in privileged mode:
You can set aging from 1 to 2024000 milliseconds (ms). Enter a value of zero to disable UDP aging.
This example shows how to configure UDP aging to 500 ms:
Console> (enable) set lda udpage 500Successfully set LDA UDP aging time to 500ms.Console> (enable)Committing the ASLB Configuration
Note
To commit your ASLB configuration settings, perform this task in privileged mode:
This example shows how to commit the ASLB configuration settings:
Console> (enable) commit ldaCommit operation in progress...Successfully committed Local Director Accelerator.Console> (enable)Displaying the ASLB Configuration
Note
To display committed or uncommitted ASLB configuration settings, perform this task in privileged mode:
Display committed or uncommitted ASLB configuration settings.
show lda [committed | uncommitted]
This example shows how to display committed ASLB configuration settings:
Console> (enable) show lda committedStatus:CommittedVirtual IP addresses:Local Director Flow:10.0.0.8/ (TCP port 8)Router MAC:00-23-45-67-ee-7fLD MAC:00-11-22-33-55-66LD Router Side:---------------Router and LD are on VLAN 110LD is connected to switch port 4/26 on VLAN 110LD Server Side:---------------Server(s) and LD are on VLAN 105LD is connected to switch port 4/40 on VLAN 105Console> (enable)If the configuration is then modified and the changes are not committed, entering the show lda command again gives an indication that the configuration has been modified since the last commit but the new modifications are not shown, only the committed modifications are displayed. To view the new modifications, enter the show lda uncommitted command.
Displaying the ASLB MLS Entries
Note
To display the ASLB MLS entries, perform this task in privileged mode:
Display ASLB MLS entries.
show lda mls entry
show lda mls entry [destination ip_addr_spec] [source ip_addr_spec] [protocol protocol] [src-port port] [dst-port port] [short | long]
This example shows how to display all ASLB MLS entries in short format:
Console> (enable) show lda mls entry shortDestination-IP Source-IP Prot DstPrt SrcPrt Destination-Mac Vlan--------------- --------------- ----- ------ ------ ----------------- ----EDst ESrc DPort SPort Stat-Pkts Stat-Bytes Uptime Age---- ---- ------ ------ ---------- ----------- -------- --------10.0.0.8 172.20.20.10 TCP 8 64 00-33-66-99-22-44 105ARPA ARPA - 4/25 0 0 00:00:02 00:00:0510.0.0.8 172.20.20.11 TCP 8 64 00-33-66-99-22-44 105ARPA ARPA - 4/25 0 0 00:00:05 00:00:08Console> (enable)This example shows how to display ASLB information for the source IP address in short format:
Console> (enable) show lda mls entry source 172.20.20.11 shortDestination-IP Source-IP Prot DstPrt SrcPrt Destination-Mac Vlan--------------- --------------- ----- ------ ------ ----------------- ----EDst ESrc DPort SPort Stat-Pkts Stat-Bytes Uptime Age---- ---- ------ ------ ---------- ----------- -------- --------10.0.0.8 172.20.20.11 TCP 8 64 00-33-66-99-22-44 105ARPA ARPA - 4/25 0 0 00:00:05 00:00:08Console> (enable)Displaying the ASLB MLS Statistics
To display the ASLB MLS statistics, perform this task in privileged mode:
This example shows how to display all ASLB MLS entry statistics:
Console> (enable) show lda mls statistics entryLast UsedDestination IP Source IP Prot DstPrt SrcPrt Stat-Pkts Stat-Bytes--------------- --------------- ---- ------ ------ ---------- ---------------10.0.0.8 172.20.20.10 TCP WWW 64 636 2925610.0.0.8 172.20.22.10 TCP WWW 64 0 0Console> (enable)This example shows how to display the number of ASLB active MLS entries:
Console> (enable) show lda mls statistics countLDA active shortcuts: 20Console> (enable)This example shows how to display the statistics for a specific destination IP address:
Console> (enable) show lda mls statistics entry destination 172.20.22.14Last Used Last UsedDestination IP Source IP Prot DstPrt SrcPrt Stat-Pkts Stat-Bytes--------------- --------------- ---- ------ ------ ---------- ---------------172.20.22.14 172.20.25.10 6 50648 80 3152 347854Console> (enable)Clearing the ASLB Configuration
Caution
To clear ASLB entries or router MAC addresses, perform this task in privileged mode:
This example shows how to clear the MLS entry at a specific destination address:
Console> (enable) clear lda mls destination 172.20.26.22MLS IP entry cleared.Console> (enable)This example shows how to delete a virtual-IP address and port pair (10.0.0.8, port 8):
Console> (enable) clear lda vip 10.0.0.8 8Successfully deleted vip/port pairs.Console> (enable)This example shows how to clear all ASLB router MAC addresses:
Console> (enable) clear lda mac allSuccessfully cleared Router MAC address.Console> (enable)This example shows how to clear a specific ASLB router MAC address:
Console> (enable) clear lda mac 1-2-3-4-5-6Successfully cleared Router MAC address.Console> (enable)ASLB Configuration Example
This section provides an example of a typical ASLB network configuration. Figure 42-4 shows the example network; the configuration specifications are as follows:
•
•
•
•
•
•
The example in Figure 42-4 shows how to do the following:
•
•
•
Figure 42-4 ASLB Configuration Example
The router configuration is as follows (MSM is used in this example):
!interface Port-channel1.7encapsulation isl 7ip address 192.255.201.1 255.255.255.0no ip redirectsno ip directed-broadcast!The Catalyst 6000 family switch configuration is as follows:
Console (enable) show ldaStatus:CommittedVirtual IP addresses:Local Director Flow:192.255.201.55/www (TCP port 80)Local Director Flow:192.255.201.55/ (TCP port 8001)Local Director Flow:192.255.201.55/ftp (TCP port 21)Router MAC:00-d0-bc-e9-fb-47LD MAC: 00-e0-b6-00-4b-04LD Router Side:---------------Router and LD are on VLAN 7LD is connected to switch port 5/7 on VLAN 7LD Server Side:---------------Server(s) and LD are on VLAN 5LD is connected to switch port 5/5 on VLAN 5Console (enable)The LocalDirector configuration is as follows:
LD430# show configuration:Saved:LocalDirector 430 Version 3.1.3.105syslog output 20.3no syslog consolehostname LD430no shutdown ethernet 0no shutdown ethernet 1shutdown ethernet 2shutdown ethernet 3interface ethernet 0 100fullinterface ethernet 1 100fullinterface ethernet 2 autointerface ethernet 3 automtu 0 1500mtu 1 1500mtu 2 1500mtu 3 1500no multiring allno secure 0no secure 1no secure 2no secure 3ping-allow 0ping-allow 1no ping-allow 2no ping-allow 3ip address 192.255.201.2 255.255.255.0route 0.0.0.0 0.0.0.0 192.255.201.1 1no rip passiverip version 1failover ip address 0.0.0.0no failoversnmp-server enable trapsno snmp-server contactno snmp-server locationvirtual 192.255.201.55:80:0:tcp isvirtual 192.255.201.55:8001:0:tcp isvirtual 192.255.201.55:21:0:tcp ispredictor 192.255.201.55:80:0:tcp roundrobinredirection 192.255.201.55:80:0:tcp dispatched assisted wildcard-ttl 60fixed-ttl 60 igmp 224.0.1.2 port 1637redirection 192.255.201.55:8001:0:tcp dispatched assisted wildcard-ttl 60fixed-ttl 60 igmp 224.0.1.2 port 1637redirection 192.255.201.55:21:0:tcp dispatched assisted wildcard-ttl 60fixed-ttl 60 igmp 224.0.1.2 port 1637real 192.255.201.5:80:0:tcp isreal 192.255.201.3:80:0:tcp isreal 192.255.201.4:80:0:tcp isreal 192.255.201.6:80:0:tcp isreal 192.255.201.7:80:0:tcp isreal 192.255.201.8:80:0:tcp isreal 192.255.201.9:80:0:tcp oosreal 192.255.201.10:80:0:tcp oosreal 192.255.201.11:8001:0:tcp oosreal 192.255.201.3:21:0:tcp isreal 192.255.201.4:21:0:tcp isreal 192.255.201.5:21:0:tcp isreal 192.255.201.6:21:0:tcp isreal 192.255.201.7:21:0:tcp isreal 192.255.201.8:21:0:tcp isbind 192.255.201.55:80:0:tcp 192.255.201.3:80:0:tcpbind 192.255.201.55:80:0:tcp 192.255.201.4:80:0:tcpbind 192.255.201.55:80:0:tcp 192.255.201.5:80:0:tcpbind 192.255.201.55:80:0:tcp 192.255.201.6:80:0:tcpbind 192.255.201.55:80:0:tcp 192.255.201.7:80:0:tcpbind 192.255.201.55:80:0:tcp 192.255.201.8:80:0:tcpbind 192.255.201.55:80:0:tcp 192.255.201.9:80:0:tcpbind 192.255.201.55:80:0:tcp 192.255.201.10:80:0:tcpbind 192.255.201.55:8001:0:tcp 192.255.201.11:8001:0:tcpbind 192.255.201.55:21:0:tcp 192.255.201.3:21:0:tcpbind 192.255.201.55:21:0:tcp 192.255.201.4:21:0:tcpbind 192.255.201.55:21:0:tcp 192.255.201.5:21:0:tcpbind 192.255.201.55:21:0:tcp 192.255.201.6:21:0:tcpbind 192.255.201.55:21:0:tcp 192.255.201.7:21:0:tcpbind 192.255.201.55:21:0:tcp 192.255.201.8:21:0:tcpASLB Redundant Configuration Example
This section provides an example of a typical ASLB redundant network configuration. Figure 42-5 shows the example redundant network. The LocalDirectors and Catalyst 6000 family switches are configured to accelerate HTTP and Telnet for server VIP address 13.13.13.13.
Caution
Figure 42-5 ASLB Redundant Configuration Example
IP Addresses
The IP addresses are as follows:
•
•
•
•
•
•
•
•
•
MAC Addresses
The MAC addresses are as follows:
•
•
•
•
•
Catalyst 6000 Family Switch 1 Configuration
The switch 1 configuration is as follows:
set trunk 3/23 on isl 1,5,9set lda enableclear lda vip allset lda vip 13.13.13.13 80 13.13.13.13 23clear lda mac allset lda mac router 00-00-0c-07-ac-01set lda mac router 00-d0-79-7b-20-88set lda mac router 00-d0-79-7b-18-88set lda mac ld 00-e0-b6-00-47-ecset lda router 9 3/7 3/23set lda server 5 3/8 3/23commit ldaCatalyst 6000 Family Switch 2 Configuration
The switch 2 configuration is as follows:
set trunk 3/23 on isl 1,5,9set lda enableclear lda vip allset lda vip 13.13.13.13 80 13.13.13.13 23clear lda mac allset lda mac router 00-00-0c-07-ac-01set lda mac router 00-d0-79-7b-20-88set lda mac router 00-d0-79-7b-18-88set lda mac ld 00-e0-b6-00-47-ecset lda router 9 3/27 3/23set lda server 5 3/28 3/23commit ldaRouter 1 Configuration
The router 1 configuration is as follows:
interface FastEthernet1ip address 7.0.0.100 255.0.0.0no ip redirectsno ip directed-broadcastno ip route-cache distributedload-interval 30no keepalivefull-duplexstandby 1 ip 7.0.0.1standby 1 track FastEthernet2!interface FastEthernet2ip address 5.0.0.100 255.0.0.0no ip redirectsno ip directed-broadcastno ip route-cache distributedno keepalivefull-duplexstandby priority 250standby 2 ip 5.0.0.2standby 2 track FastEthernet1!ip route 13.13.13.13 255.255.255.255 5.0.0.1Router 2 Configuration
The router 2 configuration is as follows:
interface FastEthernet1ip address 7.0.0.101 255.0.0.0no ip redirectsno ip directed-broadcastno ip route-cache distributedload-interval 30no keepalivefull-duplexstandby 1 ip 7.0.0.1standby 1 track FastEthernet2!interface FastEthernet2ip address 5.0.0.101 255.0.0.0no ip redirectsno ip directed-broadcastno ip route-cache distributedno keepalivefull-duplexstandby priority 250standby 2 ip 5.0.0.2standby 2 track FastEthernet1!ip route 13.13.13.13 255.255.255.255 5.0.0.1LocalDirector Configuration
The LocalDirector 1 and LocalDirector 2 configuration is as follows (the configuration is the same for both LocalDirectors):
no shutdown ethernet 0no shutdown ethernet 4interface ethernet 0 100fullinterface ethernet 4 100fullip address 5.0.0.1 255.0.0.0failover ip address 5.0.0.5virtual 13.13.13.13:80:0:tcp isvirtual 13.13.13.13:23:0:tcp ispredictor 13.13.13.13:80:0:tcp roundrobinpredictor 13.13.13.13:23:0:tcp roundrobinredirection 13.13.13.13:80:0:tcp dispatched assistedredirection 13.13.13.13:23:0:tcp dispatched assistedreal 5.100.100.100:80:0:tcp isreal 5.100.100.100:23:0:tcp isbind 13.13.13.13:80:0:tcp 5.100.100.100:80:0:tcpbind 13.13.13.13:23:0:tcp 5.100.100.100:23:0:tcpTroubleshooting the ASLB Configuration
Table 42-6 lists the possible problem symptoms and recommended actions to troubleshoot the ASLB configuration.
Table 42-6 Troubleshooting the ASLB Configuration
LocalDirector does not receive any traffic.
Ensure that the LocalDirector is connected to the ports you specified by entering the set lda server and set lda router commands.
LocalDirector connection entries are not purged.
Ensure that you configured all the virtual-IP/port pairs by entering the set lda vip command.
ASLB MLS entries are created in only one direction.
Ensure that you configured all the virtual-IP/port pairs on both the supervisor engine (set lda vip command) and the LocalDirector.
Ensure that the LocalDirector is in the "dispatched assisted" mode.
Ensure that you configured the IP addresses of the routers, LocalDirector, and servers following the guidelines in the "IP Addresses" section. Ensure that the router knows how to reach the LocalDirector when traffic goes to the virtual-IP address (if the virtual-IP address is on a different subnet than the router interface).
Ensure that the router MAC address is the same as specified by entering the set lda mac router command.
Ensure that the LocalDirector MAC address is the same as specified by entering the set lda mac ld command.
Backup LocalDirector does not receive any traffic.
Ensure that you configured the backup LocalDirector ports by entering the set lda router and set lda server commands; for example, enter set lda router {router_vlan} 3/7 3/9 and set lda server {server_vlan} 3/8 3/10.
You can ping servers from the router, but ASLB MLS entries are not created when you send data traffic.
Ensure that the servers were configured to ignore ARP requests for the virtual-IP address.
You see the message:
%CDP-4-NVLANMISMATCH: Native vlan mismatch detected on port ...
Disable CDP on ports connected to the LocalDirector (enter set cdp disable command).
LocalDirector set commands did not take effect.
The set lda commands will not take effect until you enter the commit lda command.
You can verify which set lda commands are in effect by entering the show lda commit command.
You can determine which set lda commands are set but not committed, or determine what changes will occur if the current set lda commands are committed by entering the show lda uncommitted command.
You see "collisions" or "port disabled" on the Catalyst 6000 port.
Ensure that the port speed and duplex settings are compatible on both ends of the link between the LocalDirector and the switch. For example, if port 3/7 on the switch is connected to interface ethernet 0 on the LocalDirector, make sure that port 3/7 is set to 100full and that interface ethernet 0 on the LocalDirector is also set to 100full.
