Configuring VLANs

Available Languages

Download Options

  • PDF     (200.3 KB)
    View with Adobe Reader on a variety of devices
Updated:May 4, 2007

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Configuring VLANs

Table Of Contents

Configuring VLANs

Configuring Client-Side VLANs

Configuring Server-Side VLANs


Configuring VLANs

This chapter describes how to configure VLANs on the CSM-S and contains these sections:

Configuring Client-Side VLANs

Configuring Server-Side VLANs

To configure VLANs on the SSL daughter card, see the "Configuring VLANs on the SSL Daughter Card" section.

When you install the CSM-S in a Catalyst 6500 series switch, you need to configure the client-side and server-side VLANs. (See Figure 4-1.)

Client-side or a server-side VLAN terminology logically distinguishes the VLANs facing the client-side and the VLANs connecting to the servers or destination devices. However, the CSM-S client and server VLANs function very similarly. For example, new connections can be received on a server VLAN and then be load-balanced to a client VLAN.

The differences between the client-side and server-side VLANs are as follows:

When configuring bridge mode, you cannot bridge two server VLANs or two client VLANs. You can only bridge a client and a server VLAN.

Denial of service (DoS) protection features are more aggressive on the client-side VLANs, especially when rate limiting control traffic is sent to the central processing unit.

Note You must configure VLANs on the Catalyst 6500 series switch before you configure VLANs for the CSM-S. The VLAN IDs must be the same for the switch and the module.

Figure 4-1 Configuring VLANs

Note The numbers in Figure 4-1 correspond to the numbers in the following operation.

1. The CSM-S does not perform a Layer 3 lookup to forward traffic; the CSM-S cannot respond to ICMP redirects.

2. You can configure up to 7 gateways per VLAN for up to 511 client and server VLANs and up to 224 gateways for the entire system. If an HSRP gateway is configured, the CSM-S uses 3 of the 224 gateway entries because traffic can come from the virtual and physical MAC addresses of the HSRP group. The fault-tolerant VLAN does not use an IP interface, so it does not apply toward the 512 VLAN limit.

Configuring Client-Side VLANs

To configure the client-side VLANs, perform this task:

Caution You cannot use VLAN 1 as a client-side or server-side VLAN for the CSM-S.

 
Command
Purpose

Step 1  

Router(config-module-csm)# vlan vlanid 
client

Configures the client-side VLANs and enters the client VLAN mode1 .

Step 2  

Router(config-slb-vlan-client)# ip 
ip-address netmask

Configures an IP address to the CSM-S used by probes and ARP requests on this particular VLAN2 .

Step 3  

Router(config-slb-vlan-client)# gateway 
ip-address

Configures the gateway IP address.

1 Enter the exit command to leave a mode or submode. Enter the end command to return to the menu's-top level.

2 The no form of this command restores the defaults.

This example shows how to configure the CSM-S for the client-side VLANs: 

Router(config-module-csm)# vlan 130 client

Router(config-slb-vlan-client)# ip addr 123.44.50.6 255.255.255.0

Router(config-slb-vlan-client)# gateway 123.44.50.1

Router(config-slb-vlan-client)# exit

Router# show module csm vlan 1

Configuring Server-Side VLANs

To configure the server-side VLANs, perform this task:

 
Command
Purpose

Step 1  

Router(config-module-csm)# vlan vlanid server

Configures the server-side VLANs and enters the server VLAN mode1 .

Step 2  

Router(config-slb-vlan-server)# ip ip-address 
netmask

Configures an IP address for the server VLAN2 .

Step 3  

Router(config-slb-vlan-server)# alias 
ip-address netmask

(Optional) Configures multiple IP addresses to the CSM-S as alternate gateways for the real server3 .

Step 4  

Router(config-slb-vlan-server)# route 
ip-address netmask gateway gw-ip-address

Configures a static route to reach the real servers if they are more than one Layer 3 hop away from the CSM-S.

Step 5  

Router # show module csm slot vlan [client | 
server | ft] [id vlan-id] [detail]

Displays the client-side and server-side VLAN configurations.

1 Enter the exit command to leave a mode or submode. Enter the end command to return to the menu's-top level.

2 The no form of this command restores the defaults.

3 The alias is required in the redundant configuration. See "Configuring Redundancy."

This example shows how to configure the CSM-S for the server-side VLANs: 

Router(config-module-csm)# vlan 150 server

Router(config-slb-vlan-server)# ip addr 123.46.50.6 255.255.255.0

Router(config-slb-vlan-server)# alias 123.60.7.6 255.255.255.0

Router(config-slb-vlan-server)# route 123.50.0.0 255.255.0.0 gateway 123.44.50.1

Router(config-slb-vlan-server)# exit

Was this Document Helpful?

FeedbackFeedback

Contact Cisco

This Document Applies to These Products