Table Of Contents

Configuring ASLB

Hardware and Software Requirements

Understanding How ASLB Works

Layer 3 Operations for ASLB

Layer 2 Operations for ASLB

Client-to-Server Data Forwarding

Path 1

Path 2

Path 3—N

Path N + 1, N + 2...

Server-to-Client Data Forwarding

Cabling Guidelines

Configuring ASLB on the Switch

Configuring the LocalDirector Interfaces

ASLB Configuration Guidelines

Routers

Servers

IP Addresses

Supervisor Engine

Backup LocalDirector Configuration (Optional)

MSFC and Multilayer Switching

NetFlow Data Export

VLANs

Switch Port Configuration

Configuring ASLB from the CLI

Configuring the Switch Ports Connected to the LocalDirector

Enabling and Disabling ASLB

Specifying the Server Virtual-IP Addresses and TCP Ports for Acceleration

Specifying the MAC Addresses for Participating Routers

Specifying a MAC Address for the LocalDirector

Specifying the Router VLAN and the LocalDirector Port on the VLAN

Specifying the Server VLAN and the LocalDirector Port on the VLAN

Configuring the UDP Aging

Committing the ASLB Configuration

Displaying the ASLB Configuration

Displaying the ASLB MLS Entries

Displaying the ASLB MLS Statistics

Clearing the ASLB Configuration

ASLB Configuration Example

ASLB Redundant Configuration Example

IP Addresses

MAC Addresses

Catalyst 6500 Series Switch 1 Configuration

Catalyst 6500 Series Switch 2 Configuration

Router 1 Configuration

Router 2 Configuration

LocalDirector Configuration

Troubleshooting the ASLB Configuration

Configuring ASLB

---

This chapter describes how to configure accelerated server load balancing (ASLB) on the Catalyst 6500 series switches.

---

Note For complete syntax and usage information for the commands that are used in this chapter, refer to the Catalyst 6500 Series Switch Command Reference publication.

---

---

Note The information and procedures in this chapter apply only to Supervisor Engine 1 with the Policy Feature Card. ASLB is not supported on Supervisor Engine 2 with PFC2, Supervisor Engine 720 with PFC3A/PFC3B/PFC3BXL, or Supervisor Engine 32 with PFC3B/PFC3BXL.

---

This chapter consists of these sections:

•Hardware and Software Requirements

•Understanding How ASLB Works

•Cabling Guidelines

•Configuring ASLB on the Switch

•ASLB Configuration Example

•ASLB Redundant Configuration Example

•Troubleshooting the ASLB Configuration

Hardware and Software Requirements

The hardware and software requirements for your ASLB configuration are as follows:

•The LocalDirector requirements are as follows:

–Hardware platforms—LocalDirector models 410, 415, 416, 420, or 430

–Interface Modules—The ASLB configuration requires two 10/100BASE-X Ethernet interfaces or two 1000BASE-X Gigabit Ethernet interfaces

---

Note The 1000BASE-X interfaces are supported only on the LocalDirector 420 and 430; they are not supported on the LocalDirector 410, 415, or 416.

---

–Software—Cisco configuration version 3.2.x

•The Catalyst 6500 series switch requirements are as follows:

–Supervisor Engine 1 (or 1A) with the PFC

–Supervisor engine software release 5.3(1)CSX or later releases

•The participating routers are as follows:

–Multilayer Switch Feature Card (MSFC)—With supervisor engine software release 5.4(1)CSX or later releases, an MSFC in the Catalyst 6500 series switch can be used as a participating router for ASLB. With earlier supervisor engine software releases, an internal MSFC cannot be a participating router.

–External MSFC—An MSFC in an externally attached Catalyst 6500 series switch can be used as a participating router.

–Multilayer Switch Module (MSM)—If the Catalyst 6500 series switch that you are using for ASLB has an MSM, it can be used as a participating router for ASLB. The MSM in an externally attached Catalyst 6500 series switch can also be used as a participating router.

–Other Cisco routers can also be used as participating routers for ASLB.

Understanding How ASLB Works

---

Note Refer to the Cisco LocalDirector Installation and Configuration Guide, Version 3.2, for an overview on load balancing TCP/IP traffic.

---

These sections describe ASLB:

•Layer 3 Operations for ASLB

•Layer 2 Operations for ASLB

•Client-to-Server Data Forwarding

•Server-to-Client Data Forwarding

The LocalDirector is a secure, real-time, embedded operating system that intelligently load balances the TCP/IP traffic across multiple servers. ASLB enables Catalyst 6500 series switches to cache the Cisco LocalDirector load-balancing flows, accelerating the performance of the LocalDirector.

---

Note The accelerated performance of the LocalDirector is achieved through the Catalyst 6500 series Layer 3 switching technology.

---

Figure 53-1 shows a network that uses the ASLB feature. You must connect the LocalDirector to the switch with two links; one link connects to the same VLAN that the router is on and the other link connects to the VLAN that the servers are on. In Figure 53-1, one LocalDirector link is connected to VLAN 10, the router VLAN; the other link is connected to VLAN 20, the server VLAN.

The LocalDirector supports directed mode and dispatched mode. Only the dispatched mode can be supported for ASLB feature implementation on Catalyst 6500 series switches.

Figure 53-1 ASLB Functional Description

Layer 3 Operations for ASLB

You can specify up to 1024 server virtual-IP addresses and TCP port pairs for acceleration by the switch. All the traffic for the virtual-IP/port pairs specified is accelerated except for the SYN, FIN, RST, and fragment packets with a nonzero offset. These packets are redirected to both the active and standby LocalDirectors (if a backup LocalDirector is configured).

Layer 2 Operations for ASLB

The Catalyst 6500 series switch content-addressable memory (CAM) table contains entries for the router VLAN and the server VLAN. In the CAM table, the router VLAN has an entry for the MAC address of the LocalDirector that is associated with a port index, and the server VLAN has entries for the router MAC addresses that are associated with the port indexes. In these port indexes, the ports appear as 0/0. You can display system CAM entries by entering the show cam system command.

Table 53-1 shows the entries in the CAM table (the ASLB configuration is shown in Figure 53-1). The first entry identifies the MAC address of the LocalDirector on VLAN 10. The CAM table shows that the MAC address has an Xtag value of 14. This value indicates that the MAC address requires a Layer 3 lookup. The second entry identifies the MAC address of the router and also requires a Layer 3 lookup.

Table 53-1 Layer 2 Table Entries

VLAN	MAC Address	Index	Xtag1
10	LocalDirector MAC	0/0	14
20	Router MAC2	0/0	14

1 Xtag = The identifier field in the Layer 2 table that identifies the router to which the MAC address belongs. 2 Note that the router MAC address is added on the server VLAN (VLAN 20), not on the router VLAN (VLAN 10).

Client-to-Server Data Forwarding

Figure 53-2 shows how the data is forwarded from the router to the servers. Table 53-2 lists the sequence of events, and Table 53-3 lists the Layer 3 table entries.

These sections describe the client-to-server data-forwarding paths:

•Path 1

•Path 2

•Path 3—N

•Path N + 1, N + 2...

Path 1

The first packet from the router has a destination MAC address of the LocalDirector and is on VLAN 10. The MAC address has an Xtag value of 14 in the Layer 2 table. This value indicates that it requires a Layer 3 lookup, and the SYN flag is set so that the frame goes to port PA.

In addition to forwarding the frame to port PA, the switch hardware creates a "candidate" entry in the Layer 3 forwarding table. This entry is updated later by an "enabler" frame to become a full ASLB Multilayer Switching (MLS) entry.

Path 2

After receiving the frame from port PA, the LocalDirector makes its standard load-balancing decision and forwards the frame to port PB. The LocalDirector changes the destination MAC address to that of the appropriate server. When this frame enters the switch, it is considered an "enabler" frame. The switch hardware does a lookup in the Layer 3 table and searches for the entry that is created by the previous candidate packet (the packet that is forwarded through the LocalDirector). If the search was successful, a "hit" occurs in the Layer 3 table.

Path 3—N

The ASLB MLS entry has been created and the next and subsequent frames from the router with a destination MAC address of the LocalDirector MAC will be Layer 3 switched unless the packet has SYN, FIN, or RST flags set or the packet is fragmented.

Path N + 1, N + 2...

On the last frame of a connection, either the FIN or RST flags will be set in the TCP header causing the packet to go to the LocalDirector. The LocalDirector must then forward the frame back to the switch after modifying the destination MAC address to be that of the appropriate server. This redirected frame takes the same path as the first frame of the flow. The FIN packet is used by the LocalDirector to indicate that the connection with the server has been terminated, and by the ASLB to purge the affected ASLB MLS entry.

Figure 53-2 Client-to-Server ASLB Packet Flow

Table 53-2 Client-to-Server ASLB Packet Flow

Path Number	VLAN	MAC Destination Address	MAC Source Address	IP Destination Address	IP Source Address	Flags	Action
1	10	LocalDirector MAC1	Router MAC	VIP2	CIP3	SYN	Candidate entry in Layer 3 table
2	20	Server MAC4	Router MAC1	VIP	CIP	-	Enabler frame
3—N	10	LocalDirector MAC1	Router MAC	VIP	CIP	-	Full ASLB MLS entry created
N + 1	10	LocalDirector MAC1	Router MAC	VIP	CIP	FIN/RST	Path 1 redirect
N + 2...	20	Server MAC	Router MAC1	VIP	CIP	FIN/RST	Path 2

1 This MAC address has an Xtag value of 14 in the Layer 2 table for this packet's VLAN. 2 VIP = virtual-IP address. 3 CIP = client's IP address. 4 The MAC address of the server that the LocalDirector selected.

Table 53-3 Client-to-Server ASLB Layer 3 Table Entries

IP Destination Address	IP Source Address	Protocol	Ports	VLAN	MAC Destination Address	MAC Source Address
VIP1	CIP2	TCP	80/YZ	20	Server MAC3	Router MAC

1 VIP = virtual-IP address. 2 CIP = client's IP address. 3 MAC address of the server that the LocalDirector selected.

Server-to-Client Data Forwarding

Figure 53-3 shows how data is forwarded from the servers to the clients. Table 53-4 lists the sequence of events, and Table 53-5 lists the Layer 3 table entries.

The traffic from the servers to the router or client devices works in the same manner, but in the reverse direction, as described in the "Client-to-Server Data Forwarding" section. The exception is that the LocalDirector put its own MAC address as the source of the packet for all the packets that are going to the router. For the traffic in the client-to-server direction, the source MAC address of the packet was unmodified.

Figure 53-3 Server-to-Client ASLB Packet Flow

Table 53-4 Server-to-Client ASLB Packet Flow

Path Number	VLAN	MAC Destination Address	MAC Source Address	IP Destination Address	IP Source Address	Flags	Action
1	20	Router MAC1	Server MAC2	CIP3	VIP4	SYN	Candidate entry in Layer 3 table
2	10	Router MAC	LocalDirector MAC1	CIP	VIP	-	Enabler packet
3—N	20	Router MAC1	Server MAC	CIP	VIP	-	Full ASLB MLS entry created
N + 1	20	Router MAC1	Server MAC	CIP	VIP	FIN/RST	Path 1 redirect
N +2...	10	Router MAC	LocalDirector MAC1	CIP	VIP	FIN/RST	Path 2

1 This MAC address has an Xtag value of 14 in the Layer 2 table for this packet's VLAN. 2 The MAC address of the server that the LocalDirector selected. 3 CIP = client's IP address. 4 VIP = virtual-IP address.

Table 53-5 Server-to-Client ASLB Layer 3 Table Entries

IP Destination Address	IP Source Address	Protocol	Ports	VLAN	MAC Destination Address	MAC Source Address
VIP1	CIP2	TCP	80/YZ	20	Server MAC3	Router MAC
CIP	VIP	TCP	YZ/80	10	Router MAC	LocalDirector MAC

1 VIP = virtual-IP address. 2 CIP = client's IP address. 3 MAC address of the server that the LocalDirector selected.

Cabling Guidelines

This section describes the cabling guidelines for your ASLB configuration:

•Check that your connections to the servers are attached to the switch. The servers must be either directly attached to the switch or within the same bridging domain as the LocalDirector port in the server VLAN.

•Use two Category 5 unshielded twisted-pair cables to connect two 10/100 or two 1000BASE-X switch ports to two comparable LocalDirector interfaces.

---

Caution Connect the LocalDirector directly to the Catalyst 6500 series switch.

---

See the "Configuring the LocalDirector Interfaces" section to configure the LocalDirector interfaces. See the "Configuring ASLB from the CLI" section to configure the switch.

Configuring ASLB on the Switch

This section lists the tasks to configure ASLB:

•Configuring the LocalDirector Interfaces

•ASLB Configuration Guidelines

•Configuring ASLB from the CLI

Configuring the LocalDirector Interfaces

Refer to the Cisco LocalDirector Installation and Configuration Guide, Version 3.2, for detailed information on configuring the LocalDirector interfaces for ASLB.

ASLB Configuration Guidelines

This section lists the usage guidelines and restrictions for configuring ASLB:

•Routers

•Servers

•IP Addresses

•Supervisor Engine

•Backup LocalDirector Configuration (Optional)

•MSFC and Multilayer Switching

•NetFlow Data Export

•VLANs

•Switch Port Configuration

For configuration examples, see the "ASLB Configuration Example" section. If you run into problems during your configuration, see the "Troubleshooting the ASLB Configuration" section.

Routers

The router configuration guidelines are as follows:

•The router must be the default gateway for the servers that are being load balanced, and its MAC address must be known.

•Multiple routers must be on the same router VLAN. Specify all the participating router MAC addresses by entering the set lda mac router command.

•When ASLB is configured, a VLAN access control list (VACL) is created to redirect the TCP traffic on the two VLANs to which the LocalDirector is connected; no security Cisco IOS access control lists (ACLs) or VACLs can be configured on these VLANs.

Servers

The server configuration guidelines are as follows:

•The servers must be either directly attached to the switch or within the same bridging domain as the LocalDirector port in the server VLAN.

•Configure the server default route as the aliased address of the router that is on the same subnet as the real IP address of the server.

•Configure the servers to ignore the ARP requests for the virtual-IP address. On some server operating systems, you cannot disable the responses to the ARP requests on the alias (secondary) IP addresses. Use the static ARP entries at the routers as a workaround for the servers that respond to the ARP requests for the virtual-IP address.

---

Caution To accelerate the client-to-server traffic, you must configure the servers to ignore the ARP requests for the virtual-IP address. If you fail to do this step, traffic acceleration does not start, and fully redundant topologies in your network take a long time to recover from a LocalDirector failure.

---

IP Addresses

The IP address configuration guidelines are as follows:

---

Note You can specify an IP address for the virtual-IP address other than the server IP network addresses.

---

•Ensure that the LocalDirectors and servers are on the same subnet to allow the LocalDirector to ARP the real IP address of each server.

•Ensure that the routers are on the same subnet as the virtual-IP address to allow the router to ARP the virtual-IP address.

Configure the network for ASLB as follows (the virtual-IP address in this example is 171.1.1.200):

Router	LocalDirector	Servers1
171.1.1.1	171.1.1.2	171.1.1.x

1 The default router on each server is 171.1.1.1.

If the servers in your ASLB configuration need to follow RFC 1918 for privacy, use the following as a guideline (the virtual-IP address in this example is 171.1.1.200):

Routers	LocalDirector	Servers1
171.1.1.1	171.1.1.2	10.1.1.x (real IP address)
Alias 10.1.1.1	Alias 10.1.1.2	Loopback alias to 171.1.1.200

1 The default router on each server is 10.1.1.1.

Supervisor Engine

The supervisor engine configuration guidelines are as follows:

•Up to 32 router MAC addresses are supported.

•Up to 1024 virtual-IP/TCP port pairs are supported.

Backup LocalDirector Configuration (Optional)

Connect the ports on the backup LocalDirector to the switch and specify the server and router configuration by entering the set lda server and set lda router commands. Connect the active and backup LocalDirectors to their specified ports or the ASLB feature will not work.

MSFC and Multilayer Switching

The MSFC and Multilayer Switching (MLS) configuration guidelines are as follows:

•With supervisor engine software release 5.4(1)CSX or later releases, an MSFC can be the participating router for ASLB.

---

Note Traffic is Layer 3 switched when an MSFC routes the traffic from the clients. This process creates the MLS entries that exist separately from the ASLB MLS entries for the same traffic.

---

•The aging task that removes the terminated ASLB flows also purges the MLS terminated flows. The ASLB MLS entries share the Layer 3 MLS cache with the MLS shortcut entries.

The MLS commands (set mls, clear mls, and show mls) do not interoperate with the ASLB (set lda, clear lda, show lda, and commit lda) commands. ASLB uses separate commands to view the LocalDirector MLS entries.

•When you enable ASLB, the ASLB MLS entries are established using one flow mask, full-flow mode (ip-flow).

NetFlow Data Export

You cannot use NetFlow Data Export (NDE) if you enable ASLB, and you cannot use ASLB if you enable NDE.

VLANs

The VLAN configuration guidelines are as follows:

•When you configure ASLB, a VACL is created to redirect the TCP traffic on the two VLANs to which the LocalDirector is connected (router VLAN and server VLAN). You cannot configure any security Cisco IOS ACLs or VACLs on these VLANs.

•Dedicate the router VLAN and server VLAN for ASLB use only. Do not connect the other network devices (such as end stations and clients) to these two VLANs.

•The VLANs that are created for ASLB propagate to the other switches through VLAN Trunking Protocol (VTP) when VTP is in the server mode. Spanning Tree Protocol runs over these ASLB VLANs on all VTP switches in the network, introducing additional overhead over the entire network. To avoid the spanning-tree propagation delays, do the following:

–Configure the switch as VTP transparent so it does not populate the VLANs.

–Remove the ASLB VLANs from all trunks on all switches (enter the clear trunk command).

Switch Port Configuration

The switch port configuration guidelines are as follows:

•Disable CDP on the ports that are connected to the LocalDirectors (both active and standby LocalDirectors if a backup is configured).

•If you specify a port that is part of an EtherChannel, the traffic is automatically redirected among all ports in the EtherChannel.

Configuring ASLB from the CLI

This section describes how to configure ASLB using the Catalyst 6500 series switch lda command set:

•Configuring the Switch Ports Connected to the LocalDirector

•Enabling and Disabling ASLB

•Specifying the Server Virtual-IP Addresses and TCP Ports for Acceleration

•Specifying the MAC Addresses for Participating Routers

•Specifying a MAC Address for the LocalDirector

•Specifying the Router VLAN and the LocalDirector Port on the VLAN

•Specifying the Server VLAN and the LocalDirector Port on the VLAN

•Configuring the UDP Aging

•Committing the ASLB Configuration

•Displaying the ASLB Configuration

•Displaying the ASLB MLS Entries

•Displaying the ASLB MLS Statistics

•Clearing the ASLB Configuration

Configuring the Switch Ports Connected to the LocalDirector

To configure the 10/100-Ethernet switch ports that are connected to the LocalDirector, perform these steps:

---

Step 1 Enter the set vlan vlan_num mod_ports command to add the switch ports to the correct VLANs (router VLAN and server VLAN).

Step 2 Note that the port speed and duplex type for the switch ports do not need to be set as all 10/100-switch ports are set to autonegotiate as the default. If you have a problem with autonegotiation, configure the port speed and duplex type as follows:

Enter the set port speed mod/port {10 | 100 | auto} command to set the port speed.

Enter the set port duplex mod/port {full | half | auto} command to set the type of duplex.

---

Enabling and Disabling ASLB

---

Note ASLB is disabled by default. When ASLB is disabled, you cannot enter the set lda commands to perform configuration tasks; to enter the set lda commands, you must enable ASLB.

---

To enable or disable ASLB, perform this task in privileged mode:

Task	Command
Enable or disable ASLB.	set lda enable | disable

This example shows how to enable ASLB on the switch:

Console> (enable) set lda enable

Successfully enabled Local Director Accelerator.

Console> (enable)

This example shows how to disable ASLB on the switch:

Console> (enable) set lda disable

Successfully disabled Local Director Accelerator.

Console> (enable)

Specifying the Server Virtual-IP Addresses and TCP Ports for Acceleration

---

Note You can specify up to 1024 virtual-IP addresses and TCP port pairs for acceleration by the Catalyst 6500 series switch. Newly specified pairs do not replace the previously specified pairs. To cancel a previously entered pair, enter the clear lda vip command.

---

---

Note You can use a zero (0) as a wildcard (don't care) digit for the destination_tcp_port.

---

To specify the server virtual-IP addresses and TCP ports for acceleration, perform this task in privileged mode:

Task	Command
Specify the server virtual-IP addresses and TCP ports for acceleration.	set lda vip {server_virtual_ip} {destination_tcp_port} [{server_virtual_ip} {destination_tcp_port}...]

This example shows how to specify a server virtual-IP address and TCP port for acceleration:

Console> (enable) set lda vip 10.0.0.8 8

Successfully set server virtual ip and port information.

Use commit lda command to save settings to hardware.

Console> (enable)

Specifying the MAC Addresses for Participating Routers

---

Note You can specify up to 32 router MAC addresses.

---

To specify the MAC addresses for the participating routers, perform this task in privileged mode:

Task	Command
Specify the MAC addresses for the participating routers.	set lda mac router {mac-address}...

This example shows how to specify the MAC addresses for the participating routers:

Console> (enable) set lda mac router 00-23-45-67-ee-7f

Successfully set mac address.

Use commit lda command to save settings to hardware.

Console> (enable)

Specifying a MAC Address for the LocalDirector

To specify a MAC address for the LocalDirector, perform this task in privileged mode:

:

Task	Command
Specify a MAC address for the LocalDirector.	set lda mac ld {ld_mac-address}

This example shows how to specify a MAC address for the LocalDirector:

Console> (enable) set lda mac ld 00-11-22-33-55-66

Successfully set mac address.

Use commit lda command to save settings to hardware.

Console> (enable)

Specifying the Router VLAN and the LocalDirector Port on the VLAN

---

Note After entering the set lda router command, if you change the switch port(s) to which the LocalDirector is connected, you must enter the set lda router command again to specify the new configuration.

---

---

Note Specifying a backup LocalDirector port is optional unless you are setting up a failover configuration of LocalDirectors. If you are setting up a failover configuration, you must specify the ports for the backup LocalDirector. If this is not done, failover does not work because the supervisor engine does not send any traffic to the intended backup LocalDirector.

---

To specify the router VLAN and the LocalDirector port on the VLAN, perform this task in privileged mode:

Task	Command
Specify the router VLAN and the LocalDirector port on the VLAN.	set lda router {router_vlan} {ld_mod/port} [backup_ld_mod/port]

This example shows how to specify the router VLAN and the LocalDirector port on the VLAN:

Console> (enable) set lda router 110 4/26

Successfully set router vlan and LD port.

Use commit lda command to save settings to hardware.

Console> (enable)

Specifying the Server VLAN and the LocalDirector Port on the VLAN

---

Note After entering the set lda server command, if you change the switch port(s) to which the LocalDirector is connected, you must enter the set lda server command again to specify the new configuration.

---

---

Note Specifying a backup LocalDirector port is optional unless you are setting up a failover configuration of LocalDirectors. If you are setting up a failover configuration, you must specify the ports for the backup LocalDirector. If this is not done, failover does not work because the supervisor engine does not send any traffic to the intended backup LocalDirector.

---

To specify the server VLAN and the LocalDirector port on the VLAN, perform this task in privileged mode:

Task	Command
Specify the server VLAN and the LocalDirector port on the VLAN.	set lda server {server_vlan} {ld_mod/port} [backup_ld_mod/port]

This example shows how to specify the server VLAN and the LocalDirector port on the VLAN:

Console> (enable) set lda server 105 4/40

Successfully set server vlan and LD port.

Use commit lda command to save settings to hardware.

Console> (enable)

Configuring the UDP Aging

To configure the User Datagram Protocol (UDP) aging, perform this task in privileged mode:

Task	Command
Configure the UDP aging.	set lda udpage time_in_ms

You can set the aging from 1-2024000 milliseconds (ms). Enter a value of zero to disable UDP aging.

This example shows how to configure the UDP aging to 500 ms:

Console> (enable) set lda udpage 500 

Successfully set LDA UDP aging time to 500ms.

Console> (enable)

Committing the ASLB Configuration

---

Note The ASLB configuration settings are temporarily stored in an edit buffer. The settings are saved in NVRAM, but for the settings to take effect, you must enter the commit lda command. This command verifies your configuration settings. If the information is entered correctly and passes a consistency check, the settings are programmed into the hardware. Once the ASLB configuration is successfully committed, the mapping is saved in NVRAM and restored at the system bootup.

---

To commit your ASLB configuration settings, perform this task in privileged mode:

Task	Command
Commit your ASLB configuration settings.	commit lda

This example shows how to commit the ASLB configuration settings:

Console> (enable) commit lda

Commit operation in progress...

Successfully committed Local Director Accelerator.

Console> (enable)

Displaying the ASLB Configuration

---

Note Entering the show lda command without a keyword (committed | uncommitted) displays the committed configuration settings.

---

To display the committed or uncommitted ASLB configuration settings, perform this task in privileged mode:

Task	Command
Display the committed or uncommitted ASLB configuration settings.	show lda [committed | uncommitted]

This example shows how to display the committed ASLB configuration settings:

Console> (enable) show lda committed

Status:Committed

Virtual IP addresses:

Local Director Flow:10.0.0.8/ (TCP port 8)

Router MAC:  

00-23-45-67-ee-7f

LD MAC:00-11-22-33-55-66

LD Router Side:

---------------

Router and LD are on VLAN 110

LD is connected to switch port 4/26 on VLAN 110

LD Server Side:

---------------

Server(s) and LD are on VLAN 105

LD is connected to switch port 4/40 on VLAN 105

Console> (enable)

If the configuration is modified and the changes are not committed, entering the show lda command again gives an indication that the configuration has been modified since the last commit, but the new modifications are not shown, only the committed modifications are displayed. To view the new modifications, enter the show lda uncommitted command.

Displaying the ASLB MLS Entries

---

Note The short | long keyword options give the flexibility to display the output in regular (80 characters in width) or wide-screen format.

---

To display the ASLB MLS entries, perform this task in privileged mode:

Task	Command
Display the ASLB MLS entries.	show lda mls entry show lda mls entry [destination ip_addr_spec] [source ip_addr_spec] [protocol protocol] [src-port port] [dst-port port] [short | long]

This example shows how to display all the ASLB MLS entries in short format:

Console> (enable) show lda mls entry short

Destination-IP  Source-IP       Prot  DstPrt SrcPrt Destination-Mac   Vlan

--------------- --------------- ----- ------ ------ ----------------- ----

EDst ESrc DPort  SPort  Stat-Pkts  Stat-Bytes  Uptime   Age

---- ---- ------ ------ ---------- ----------- -------- --------

10.0.0.8        172.20.20.10    TCP  8      64     00-33-66-99-22-44 105 

ARPA ARPA -      4/25   0          0           00:00:02 00:00:05

10.0.0.8        172.20.20.11    TCP  8      64     00-33-66-99-22-44 105 

ARPA ARPA -      4/25   0          0           00:00:05 00:00:08

Console> (enable)

This example shows how to display the ASLB information for the source IP address in short format:

Console> (enable) show lda mls entry source 172.20.20.11 short

Destination-IP  Source-IP       Prot  DstPrt SrcPrt Destination-Mac   Vlan

--------------- --------------- ----- ------ ------ ----------------- ----

EDst ESrc DPort  SPort  Stat-Pkts  Stat-Bytes  Uptime   Age

---- ---- ------ ------ ---------- ----------- -------- --------

10.0.0.8        172.20.20.11    TCP  8      64     00-33-66-99-22-44 105

ARPA ARPA -      4/25   0          0           00:00:05 00:00:08

Console> (enable) 

Displaying the ASLB MLS Statistics

To display the ASLB MLS statistics, perform this task in privileged mode:

Task	Command
Display the ASLB MLS entry statistics.	show lda mls statistics entry show lda mls statistics count show lda mls statistics entry [destination ip_addr_spec] [source ip_addr_spec] [protocol protocol] [src-port port] [dst-port port]

This example shows how to display all the ASLB MLS entry statistics:

Console> (enable) show lda mls statistics entry

                                  Last    Used

Destination IP  Source IP       Prot DstPrt SrcPrt Stat-Pkts  Stat-Bytes

--------------- --------------- ---- ------ ------ ---------- ---------------

10.0.0.8        172.20.20.10    TCP  WWW    64     636        29256       

10.0.0.8        172.20.22.10    TCP  WWW    64     0          0    

Console> (enable) 

This example shows how to display the number of ASLB active MLS entries:

Console> (enable) show lda mls statistics count

LDA active shortcuts: 20

Console> (enable) 

This example shows how to display the statistics for a specific destination IP address:

Console> (enable) show lda mls statistics entry destination 172.20.22.14

                Last Used         Last    Used

Destination IP  Source IP       Prot DstPrt SrcPrt Stat-Pkts  Stat-Bytes

--------------- --------------- ---- ------ ------ ---------- ---------------

172.20.22.14    172.20.25.10    6    50648  80     3152       347854

Console> (enable) 

Clearing the ASLB Configuration

---

Caution If you do not enter any keywords with the clear lda command, the entire ASLB configuration (including the MLS entries) is removed from the hardware and NVRAM. If you do not enter any keywords with the clear lda mls command, all the MLS entries are cleared.

---

To clear the ASLB entries or router MAC addresses, perform this task in privileged mode:

Task	Command
Clear the ASLB configuration settings.	clear lda mls clear lda mls [destination ip_addr_spec] [source ip_addr_spec] [protocol protocol src-port src_port dst-port dst_port] clear lda vip {all | vip | vip tcp_port} clear lda mac {all | router_mac_address}

This example shows how to clear the MLS entry at a specific destination address:

Console> (enable) clear lda mls destination 172.20.26.22

MLS IP entry cleared.

Console> (enable)

This example shows how to delete a virtual-IP address and port pair (10.0.0.8, port 8):

Console> (enable) clear lda vip 10.0.0.8 8

Successfully deleted vip/port pairs.

Console> (enable)

This example shows how to clear all the ASLB router MAC addresses:

Console> (enable) clear lda mac all

Successfully cleared Router MAC address.

Console> (enable)

This example shows how to clear a specific ASLB router MAC address:

Console> (enable) clear lda mac 1-2-3-4-5-6

Successfully cleared Router MAC address.

Console> (enable)

ASLB Configuration Example

This section provides an example of a typical ASLB network configuration. Figure 53-4 shows the example network. The configuration specifications are as follows:

•The virtual-IP address is 192.255.201.55.

•The router interface MAC address is 00-d0-bc-e9-fb-47, and its IP address is 192.255.201.1.

•The LocalDirector IP address is 192.255.201.2.

•