From: Brian (signal@xxxxxxxxxx)
Date: Thu Dec 06 2001 - 00:16:42 GMT-3
On Wed, 5 Dec 2001, Scott Decker wrote:
> Brian:
>
> The LD is a 'bridge only' device from the perspective of the LAN segment
> it is on. It listens for layer three, but does not route. It reads the
> inbound layer 3 header to see if it's directed at the virtual server.
> If so, it performs it LB algorithm and forwards to the appropriate real
> server, which must be on the same subnet. In your example, the servers
> are addressed on a different physical subnet. Since the LD does not
> know how to route, you are going to have errors whenever you attempt to
> cross a subnet boundary. This seems to be the problem you are
I assigned the LD an alias address, so that I could have it on a different
subnet. Also, I *did* try it with just the LD on 10.0.1.0/24, that didn't
fly. I may try this again though. I was under the impression that adding
the "alias ip" command would allow you to use the different subnets.
> experiencing as far as I can tell. In order to reach another subnet
> (which you are trying to do), you will have to put an L3 device between
> the LD and the real servers.
>
> >From CCO: " LocalDirector serves as a transparent learning bridge to
> forward data packets between its interfaces. Because of its bridge
> capability, LocalDirector must not be installed on the network parallel
> to another bridge. Only use LocalDirector to connect to servers allowing
> a single way in or out to the network through LocalDirector, as shown in
> Figure 2-1."
>
>
> Go here for more info:
> http://www.cisco.com/univercd/cc/td/doc/product/iaabu/localdir/ldv42/421
> guide/42ch02.htm
>
> It also includes the diagram I'm trying to describe for two different
> subnets (Figure 2-4 I think).
>
> HTH,
>
> Scott
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Brian
> Sent: Wednesday, December 05, 2001 6:32 PM
> To: ccielab@groupstudy.com
> Subject: LocalDirector problem
>
> I am racking my head over a problem I am having with a basic
> localdirector
> setup. I admit I don't have much experience with the LocalDirector,
> although it looks pretty simple to setup for basical load balancing.
>
> Below is a diagram, some show command output and a config. If anyone
> has
> some experience in these boxes and can just glance it and see if I am
> doing something wrong, I would appreciate it.
>
>
>
> Internet
> |
> |
> |
> | s0/0
> Border Router (3640)
> | e0/0 12.45.140.1/27
> | 10.0.1.1/24 (secondary)
> |
> |
> | ethernet 0
> LocalDirector 416 (12.45.140.21)
> | ethernet 2
> |
> |
> Hub
> |
> |
> -------------------------
> | | |
> | | |
> realserver1 realserver2 realserver3
> 10.0.1.241 10.0.1.242 10.0.1.243
>
>
> Notes:
> 1. The real servers default route to 10.1.1.1
> 2. I have verified a webserver is responding on port 80 of each
> realserver. It
> is reachable using the realserver ip address from the side of the hub
> the realservers
> are on.
> 3. The LDIR 416 cannot ping any real servers. The real servers can ping
> each other.
> The LDIR can ping the 3640 on either of its IP addresses.
> 4. The LDIR 416 is addressed on both the 12.45.140.0/27 networks and the
> 10.0.1.0/24
> networks. Its primary IP address is 12.45.140.21/24 and I created an
> alias for the
> 10.0.1.250 address it has. This way I can reach it from the Internet.
> If I flip flop
> its real ip and alias, I cannot reach it.
> 5. The virtual server is not pingable from the Internet or realserver
> side of the hub.
>
> ldAlpha# show real
> Real Machines:
>
> No Answer TCP Reset
> DataIn
> Machine Connect State Thresh Reassigns Reassigns
> Conns
> server3:0:0:tcp 0 IS 8 0 0
> 0
> server2:0:0:tcp 0 IS 8 0 0
> 0
> server1:0:0:tcp 0 IS 8 0 0
> 0
>
> ldAlpha# show virtual
> Machines:
>
> Machine Mode State Connect
> Sticky Predictor Slowstart
> dsdata:0:0:tcp directed local IS 0 0
> roundrobin* none
>
>
> ldAlpha# show bind
> Virtual Machine(s) Real Machines/Urls
> dsdata:0:0:tcp(IS)
> server3:0:0:tcp(IS)
> server2:0:0:tcp(IS)
> server1:0:0:tcp(IS)
>
>
>
> : Saved
> : LocalDirector 416 Version 4.2.3
> : Uptime is 0 weeks, 2 days, 3 hours, 37 minutes, 45 seconds
> no syslog output
> no syslog console
> enable password 000000000000000000000000000000 encrypted
> hostname ldAlpha
> no shutdown ethernet 0
> no shutdown ethernet 1
> no shutdown ethernet 2
> interface ethernet 0 100basetx
> interface ethernet 1 100basetx
> interface ethernet 2 100basetx
> mtu 0 1500
> mtu 1 1500
> mtu 2 1500
> no multiring all
> no secure 0
> no secure 1
> no secure 2
> ping-allow 0
> ping-allow 1
> ping-allow 2
> ip address 12.45.140.21 255.255.255.224
> alias ip address 10.0.1.250 255.255.255.0
> arp timeout 30
> no rip passive
> rip version 1
> failover ip address 0.0.0.0
> no failover
> failover hellotime 30
> password 5ebe2294ecd0e0f08eab7690d2a6ee69 encrypted
> telnet 192.168.1.100 255.255.255.0
> telnet 10.0.1.253 255.255.255.0
> telnet 10.0.1.54 255.255.255.0
> telnet 10.0.1.1 255.255.255.0
> telnet 12.45.140.1 255.255.255.224
> virtual 12.45.140.20:0:0:tcp is
> predictor 12.45.140.20:0:0:tcp roundrobin
> real 10.0.1.243:0:0:tcp is
> real 10.0.1.242:0:0:tcp is
> real 10.0.1.241:0:0:tcp is
> replicate interface 1
> name 10.0.1.241 server1
> name 10.0.1.242 server2
> name 10.0.1.243 server3
> name 12.45.140.20 dsdata
> bind 12.45.140.20:0:0:tcp 10.0.1.243:0:0:tcp
> bind 12.45.140.20:0:0:tcp 10.0.1.242:0:0:tcp
> bind 12.45.140.20:0:0:tcp 10.0.1.241:0:0:tcp
>
> -----------------------------------------------
> Brian Feeny, CCIE #8036 e: signal@shreve.net
> Network Engineer p: 318.222.2638x109
> ShreveNet Inc. f: 318.221.6612
-----------------------------------------------
I'm buying / selling used CISCO gear!!
email me for a quote
Brian Feeny, CCIE #8036 Netjam, LLC
signal@netjam.net http://www.netjam.net
VISA/MC/AMEX/COD phone: 318-212-0245
30 day warranty fax: 318-212-0246
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:32:39 GMT-3