CSS 11050 Load Balancing with Single VLAN (no NAT)

Similar Messages

• CSS 11503 load-balancing with MS Print Servers

  We are trying to load-balance print server connections between 2 MS print servers. When we try to connect to the print servers name, (\\PS01) or even the VIP address, we get a Path not found error. However, if we direct the path to the actual name or ip address of the print servers (not the VIP), we can view all the queues and connect/print to them. Is this possible to do on the CSS 11503? Thanks.

  Pete- Here is our config. See any problems?
  configure
  !*************************** GLOBAL ***************************
  ip route 0.0.0.0 0.0.0.0 1.100.100.100 1
  !************************* INTERFACE *************************
  interface 1/2
  bridge vlan 2
  !************************** CIRCUIT **************************
  circuit VLAN1
  ip address 1.100.101.110 255.0.0.0
  circuit VLAN2
  ip address 10.100.249.1 255.255.255.0
  !************************** SERVICE **************************
  service ps01
  ip address 10.100.249.5
  active
  service ps02
  ip address 10.100.249.6
  active
  !*************************** OWNER ***************************
  owner printserver
  content L3_Basic
  add service ps01
  add service ps02
  vip address 1.100.100.35

• CSS 11501 Load Balancing with X-forwarded-for

  Hi,
  We have a pair of CSS 11501,
  Currently it is using source ip for load balancing and 5 servers as backend , however we have users loggin in using http and based on its source IP (ISP PROXY) , it is forwarded to SERVER A.
  However, we have a SSL page and when the client switches over to SSL , it is forwarded to SERVER B/C/D/E  based on its source IP ( REAL CLIENT IP) .
  This will cause the user to be terminated as the 5 servers are independent and not running in a cluster.
  Is there any way that we can use the X-Forwarded-For address to load balance so that when users loging , they are sent to SERVER A (Based on X-Forwarded-For Header IP which translate to REAL CLIENT IP).
  This way we are able to also send it back to the same server when it uses SSL.
  I believe that we should be able to load balance using X-Forwarded-For IP or to rewrite the X-Forwarded-For IP into client source IP
  Regards

  Hi,
  Unfortunately CSS does not support X-Forwarded-For, and even if CSS supports that, this wont work if you are not using SSL termination.
  One option that you can use here, is using SSL termination, so you can manage the SSL traffic on HTTP on the CSS, in this way you can use the same HTTP content rule which is the one currently working.
  In summary, you will have an SSL content rule that will decrypt the traffic, and this one will use the same content rule that already exist for HTTP, in case that the server is the one doing the redirect to SSL, but this is something that requires testing since depending on the redirect behavior we might have a redirect loop, but without details it is kind of hard to confirm that you will face this with this option.
  Another option, which is less complex, is to use a portless content rule, so this content rule will match port 443 and 80 at the same time, and using sticky or balance based on source IP, you will get the same result with less config. The downside is the troubleshooting, but in this way you will have what you want.
    content HTTP-HTTPS
      vip address 10.198.44.70
      advanced-balance sticky-srcip
      add service server1
      add service server2
      add service server3
      add service server4
      add service server5
      protocol tcp
      active
  Here the content rule is not looking for the destination port, it is just looking for the source IP, and HTTP and HTTPS will end all the time on the same server.
  Thanks,
  Rodrigo

• Using a single CSS to load balance multiple services

  Is it possible to use a single CSS to load balance 3 different services (server farm) ? That mean the CSS need to advertise 3 VIP
  I'm thinking of two scenarios:
  1 - configure the CSS to use 4 interfaces: 1 to public, 3 to private (each interface will plug-in to a different vlan/server farm)
  2 - configure the CSS to use 2 interfaces: 1 to public, 1 to private (all 3 server farms are in the same vlan)
  Will both scenarios work ?
  Thanks
  --Phillip.

  Hi Phillip,
  both scenarios will work. One CSS can certainly manage more than 3 services! You can even use just one VIP for all traffic, then just create the proper rules to send specific traffic to the corresponding service(s). No need for 3 VIPs.
  Regards
  -juerg

• CSS Load Balancing with Cookies

  We are trying to load balance 2 backend servers hosted on Websphere with advance balance cookies method.
  Restrictions
  ServerA is unable to accept cookies generated from ServerB.
  ServerA and ServerB are generating random cookies
  Unable to modify cookie string with a constant.
  How can we load balance based on cookies considering the above restrictions?
  We have attempted to do hash based load balancing with cookies but the problem we run into is the servers do not accept cookies generated from another server.
  The configuration we tried is written below:
  service ServerA
  ip address 192.168.10.2
  keepalive type tcp
  keepalive port 80
  active
  service ServerB
  ip address 192.168.20.2
  keepalive type tcp
  keepalive port 80
  active
  content ABC
  url "/*"
  add service ServerA
  string prefix "JSESSIONID="
  advanced-balance cookies
  port 80
  add service ServerB
  string skip-length 5
  string process-length 16
  string operation hash-xor
  protocol tcp
  vip address 172.16.32.1
  active
  Can we change the string prefix to JSESSION instead of JSESSIONID= ?
  The only place the app guys can add a constant string to match on is before the = sign.
  Is it possible for CSS to match on a constant string before = sign e.g below:
  service ServerA
  ip address 192.168.10.2
  keepalive type tcp
  keepalive port 80
  string id567=
  active
  service ServerB
  ip address 192.168.20.2
  keepalive type tcp
  keepalive port 80
  string id123=
  active
  content ABC
  url "/*"
  add service ServerA
  string prefix "JSESSION"
  advanced-balance cookies
  port 80
  add service ServerB
  string skip-length 0
  string process-length 6
  protocol tcp
  vip address 172.16.32.1
  active

  It should work.
  There is no reason for it not to work...
  This is the best method you can have on the CSS for stickyness.
  Get a sniffer trace on the client and server with arrowpoint cookie configured on the CSS and capture a failure so we can see what is going on.
  also send me the config so I can verify everything is ok.
  If you have a service request open with the TAC, you can also give the SR # so I can review what has been done.
  Gilles.

• WAN Load-Balancing and multi VLAN design

  Hello,
  I need some help to define the design of a specifi LAN-WAN network.
  1) There are 2 independant WAN entries (they have their own ISP-managed router)
  2) I need to load-balanced the requests over the 2 WAN
  3) If possible, the load-balancer must be redundant (GLBP ?)
  4) On the LAN itself, there must be 15 different VLAN
  5) We also need a DHCP solution (also redundant if possible) to provide IP to these VLAN, with unique gateway (the load-balancer)
  What do I need to implement this configuration ?
  And is it possible to configure with as much GUI as possible ?
  Thanks in advance for your help.

  Dear Mike,
  Thank you and welcome to the Small Business Support Community.
  It is possible to configure load balancing with NAT, however in this case, remote internet servers will potentially see sessions from remote hosts behind the SRP541W coming from different source IP addresses (the WAN IP addresses), causing the sessions to be reset unexpectedly.
  The Policy Routing setting you setup is exactly what I would do in your case.
  I hope these answer your question and please do not hesitate to reach me back if there is anything else I may assist you with.
  Kind regards,
  Jeffrey Rodriguez S. .:|:.:|:.
  Cisco Customer Support Engineer
  *Please rate the Post so other will know when an answer has been found.

• Load Balancing with BigIP / SSL question

  I have an oddball question. We're load balancing ColdFusion
  MX7 across 3 servers using a BigIP load balancing server. We
  decided to go the hardware approach and it has been great except
  for one small configuration issue.
  We use a mix of SSL and non SSL pages, prior to the switch
  from a single server to a load balanced setup I used to script that
  would determine if a page that was supposed to be SSL had the
  variable CGI.HTTPS turned on or off. If it was off, the page would
  redirect back to itself with the SSL turned on.
  The problem we have is that we followed BigIP's instruction
  to secure the load balancing hardware instead of the three servers
  running behind it. So what happens is that the traffic goes to the
  load balancer port 441, but then the calls from the load balancer
  to the individual servers is port 80. So even if a page is called
  as HTTPS://... the coldfusion server says that CGI.HTTPS is "off"
  since the traffic is port 80.
  This isn't much of a problem, our SSL pages are linked as
  HTTPS:// and the only problem would actually arise if someone was
  to type in the URL and call it as HTTP rather than HTTPS.
  My questions is this, does anyone know of a way that I can
  detect if the page should be HTTPS and is not without changing our
  configuration and putting SSL certificates on each individual
  server?

  Hey,
  Well the load balancing with the BigIP device is really very
  amazing. I think
  what i liked most was swapping out servers when their lease
  was up, through the
  BigIP manager I just stopped all traffic to a server, shut it
  down, plugged in
  the new one and turned traffic back on. It was really very
  easy.
  The SSL stuff still gives me a headache to think about. but
  I should mention I
  no longer work where I was, plus now I'm all .net C# but
  that's a different
  story.
  I think if I was going to do this all again I would not have
  secured the bigIP
  unit. It was nice to buy one SSL cert for all the servers I
  attached rather
  than one per server, but getting the SSL sites to work
  properly was a headache.
  We also use windows file replication where now I would go
  with like a pair of
  Dell MD1000's mirrored for storage and just have tons of ram
  and cpu on the
  front end units. Depends what you want to spend I guess. I
  think the bigIP unit
  we bought was like 20 grand, i think they are cheaper now
  though.
  Hope I helped.

• Load balancing with A-Gate

  Hi All,
  I wish to configure my single W-Gate (Linux) to load balance with 2 A-Gate (Window). Can anyone help?
  Regards
  Lauran

  Hello Lauran,
  I'm assuming that you already have the ITS working with one AGate server.  To load balance between two you need to install the ITS AGate again on the second server with the same ITS instance name.  Then on the WGate server you will need to modify the ItsRegistryWgate.xml.  Under the <key name="Instances"> you will find a section already for this ITS instance name, like ITS1.  You will need to copy and paste the Agate1 section and make it Agate2, change the Host name and the PortAGate and PortMManager and then save and restart.  The finished section should look like:
  - <key name="ITS1">
  - <key name="Values">
    <value name="Available" type="text">yes</value>
    <value name="Name" type="text">ITS1</value>
    <value name="DocumentRoot" type="text">c:\its1081</value>
    <value name="ServerName" type="text">Apache2 (virtual host: default:1081)</value>
    <value name="NIReceiveRetryCount" type="text">0</value>
    <value name="NIReceiveTimeout" type="text">0</value>
    <value name="NISendTimeout" type="text">0</value>
    </key>
  - <key name="Agates">
  - <key name="Agate1">
    <value name="Host" type="text">Hostname1</value>
    <value name="PortAGate" type="text">sapavw00_ITS1</value>
    <value name="PortMManager" type="text">sapavwmm_ITS1</value>
    <value name="Type" type="text">1</value>
    <value name="SncNameAGate" type="text" />
    <value name="SncNameWGate" type="text" />
    <value name="MultiProcess" type="text">no</value>
    <value name="Available" type="text">yes</value>
    </key>
  - <key name="Agate2">
    <value name="Host" type="text">Hostname2</value>
    <value name="PortAGate" type="text">sapavw00_ITS1</value>
    <value name="PortMManager" type="text">sapavwmm_ITS1</value>
    <value name="Type" type="text">1</value>
    <value name="SncNameAGate" type="text" />
    <value name="SncNameWGate" type="text" />
    <value name="MultiProcess" type="text">no</value>
    <value name="Available" type="text">yes</value>
    </key>
    </key>

• CF 10 Load-Balancing with Remote Instances

  I was reading an article on Clustering/LB/HA using CF8, but have not found any updates for CF10.
  Using VM VirtualBox to setup a few virtual servers, I am looking to setup a load balancing of ColdFusion 10 on 2 remote instances. The goal would be have ColdFusion Cluster Manager be able to point http request to one of the two servers based on load/availability. Not really having a hardware cluster/failover setup, just managing resources on two CF instances instead of a standalone.
  The servers are Windows Server 2008 R2 with IIS7.5 and ColdFusion 10 Enterprise on installed on 3 of these machines. Let's call them CF-LBManager, CF-Web1, and CF-Web 2. In the CF Docs, they show the Cluster Manager adding the local CF instance and "if you want" a remote instance. However, this scenario would require the main instance to be running and not fail for it to direct to the other instance.
  I am trying to set this up now with CF-LBManager as just a manager of the requests coming in. In the Enterprise Manager >> Instance Manager, the local instance is shown and I add the two remote instances with the correct Remote Port, JVM Route, etc. I also made sure the <Cluster>...</Cluster> block was added to the two remote instances (CF-Web1 and CF-Web2) \runtime\conf\server.xml file too, Jetty Services also is running. Now under the Enterprise Manager >> Cluster Manager I add the two remote instances to the cluster, not the local instance on CF-LBManager with Multicast Port and Sticky Sessions enabled. On Submit, I get a green message "You must restart all the server instances and any configured webservers for these changes to take effect.". I go ahead and reboot the servers and come back.
  I now browse to the ColdFusion page as a test on CF-Web1 and CF-Web2 to make sure CF is running properly, they do. I then browse the IP of the CF-LBManager, however it only returns the local IIS web site and not redirect to one of the two cluster members. I am not seeing any message on the coldfusion-out.log on the remote instances. Am I not setting this up correctly or not enabling the Cluster Manager to take over and pass along the requests to those in the cluster?

  Unfortunatley I don't have a lot of experience with CF10 on Windows, but if you are running CF behind IIS I think  you will need to update the Tomcat connector configuraiton to do load balancing. I'm not sure if re-running the wsconfig tool on all of the servers will do this or not, but that is what I would suggest trying first. If that doesn't work you will need to update the Tomcat connector configuraiton manually. You can find more information on load balancing with the Tomcat connector here: http://tomcat.apache.org/connectors-doc/generic_howto/loadbalancers.html.

• Cache and Load Balancing with Oracle APEX Listener

  Hi,
  I intend to use only HTTP access.
  How to implement a Cache and Load Balancing with the Oracle APEX Listener?
  Is it possible to do with the the standalone running APEX Listener?
  Thanks by advance for any tips/documentation/references.
  Kind Regards.

  Hi,
  I think this question is best asked in the APEX Listener forum:
  ORDS, SODA & JSON in the Database
  Kind regards
  Sandro

• Load balancing with JSP

  Anyone and everyone,
  When configuring load balancing with Weblogic clusters, does load
  balancing take effect for all services or just EJB and RMI? Or another
  way of saying the same thing, can I setup weighted load balancing for
  the JSP engines across 2 weblogic servers.
  Thanks in advance,
  Mike

  The load-balancing documentation you read describing the different algorithms only applies to RMI stubs (e.g., EJB clients). Please see http://www.weblogic.com/docs51/cluster/concepts.html#1026091 for a description of how load-balancing/clustering works with servlets/JSPs.
  The short answer is that in using servlet clustering, most people want/need/use in-memory replication for HttpSession objects. In WLS 5.1 (and before), in-memory replication requires one or more proxy servers be set-up in front of the cluster. Typically, most people use something like BigIP to load-balance
  across the proxy servers and let the weblogic plug-in for the proxy server handle the routing to the cluster. The plug-in uses round-robin until an HttpSession is established for a user, then it always tries to route to the server where the user's session is located.
  Hope this helps,
  Robert
  Brian Lin wrote:
  All,
  I have a quesiton here regarding load balancing with DNS round robin. As of Chapter Adminstration of Clustering Weblogic server, Weblogic can be configured to balance by weight. How about Weblogic handle weight based balancing after DNS round robin ip response? or just can choose one way instead of both?
  What's the big difference between choosing BigIP and software balancing (WL)?
  Brian
  "Wei Guan" <[email protected]> wrote:
  I don't think you can configure this load balancing in weblogic in current
  release. However, if you have Big-IP or LocalDireoctr, you can set up
  weighted load-balancing there. Otherwise, weblogic proxy will use DNS round
  robin to do the load-balancing between JSP engins.
  My 2 cents.
  Cheers - Wei
  Michael Yakimisky <[email protected]> wrote in message
  news:[email protected]...
  Anyone and everyone,
  When configuring load balancing with Weblogic clusters, does load
  balancing take effect for all services or just EJB and RMI? Or another
  way of saying the same thing, can I setup weighted load balancing for
  the JSP engines across 2 weblogic servers.
  Thanks in advance,
  Mike

• Multihomed eBGP load balancing with 3 ISP's

  We currently peer with 2 ISPs using BGP in an active/failover configuration.  My company wants to move to a 3 ISP model where Internet traffic is split across the 3 providers so that bandwidth is equally distributed on outgoing traffic across our 2 /22 ARIN IP ranges.  This is from our 2 edge switches that have VSS.  
  Within my limited knowledge of BGP, I have determined that we could do load sharing pretty easily by adding multiple default routes and breaking up our /22's into /24 and advertising them that way.  However, I don't think this satisfies the request that downtime must be seamless, should one link drop.  
  Currently, our ISP's advertise default routes.  From the research that I've done, we could get close to load balanced links if we receive full BGP routes and community settings and definitions.  I'm nervous about this because it looks really complicated, and I don't want our AS to turn into a transit AS.  I've been told the same can be accomplished with only partial BGP routes and community settings and definitions.  
  Personally, I think we just need a WAN load balancer.  However, given the request, is there a thread out there that can explain this, or can someone discuss this requested scenario a little bit?  
  Thanks!

  Hi there
  First question would be what is the required reconvergence time for the applications using the Internet? Should an outage occur, when do they lose their state? Once you know that, you then have a target to aim for in terms of recovery
  With regards load-balancing, with BGP we are always talking inbound and outbound.
  The outbound solution is relatively simple - each ISP advertises a default route to your Internet edge router(s). Create an eBGP session from each edge router to the core, advertise the default route and redistribute into the IGP. Ensure the IGP cost to each BGP next hop is equal and you have ECMP for outbound routing.
  Inbound influence is usually via MED (not likely in this case given 3 ISPs), adjusting local-pref in the ISP via BGP EXT communities configured your end, or via AS-PATH prepending for longer prefixes from your /22. Prepending would be simplest, but your unlikely to get an exact inbound traffic split, however a relatively even distribution should be sufficient. 

• How does load-balancing with WebCache work - is there still a bottleneck?

  Hello,
  We're migrating an old Forms 6i app to 10.1.2.0.2 (apps servers = Redhat Linux), and are starting to consider using WebCache to loadbalance between two application servers.
  My question is this - say we have apps servers A and B, both running Forms and Reports Services. We use Webcache on server A (don't have the luxury of a third apps server...) to load balance between A and B. So all initial requests come into A, which in some cases may then be diverted to start a new Forms session on B.
  For those users whose middle-tier sessions are now running on B - will all network traffic for their Forms session continue to be routed through Webcache on A, then to B, over the course of the session? Or does Webcache somehow shunt the whole connection to be straight between the client PC and server B, for the duration of that Forms session?
  If the former, does that mean that the server hosting Webcache can still be a significant bottleneck for network traffic? Have people found load-balancing with Webcache to be useful..?
  Thanks in advance,
  James

  Hi gudnyc,
  Thanks for posting on Adobe forums.
  For HDPI you do not have to do any It will adjust automatically.
  http://helpx.adobe.com/photoshop-elements/using/whats-new.html
  Regards,
  Sandeep

• Load Balancing With Round Robin

  Hi,
  I have two iAS instances, each on their own box, and one iWS instance
  running on a third box. I have setup the web connector to use round
  robin and added the server weights. I believe that is all that is to it
  to do simple load balancing with iAS. The problem is is that the
  requests only go to one iAS instance. The server weights are 1 and 1.
  Am I missing something here?
  Thanks

  Could be lots of things.
  The most common misconfiguration is testing an application that is deployed "local". This application option effectively disables load balancing.
  Another common mistake is to either not update the configuration of the webconnector (if the webconnector
  has a seperate configuration LDAP) or to not restart
  the webconnector after the configuration change.
  Hope this helps. There's more things we could try, but I'll hope its one of these two easy things.

• Load balancing with use of router 881.

  Hello,
  I have two MPLS line and i want load balancing with the help of CISCO router 881. is it necessary that i require two router on both location.? if one location have firewall and one location have cisco router 881 then can i do a load balancing or i require two router each on both location ? What are the basic requirement that i need.
  Thanks,
  Kuntal

  Disclaimer
  The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
  Liability Disclaimer
  In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
  Posting
  An 881 should be able to load share across multiple ports.  Many routing protocol support ECMP, including BGP, but you need "special" hidden/secret commands to enable.  EIGRP also supports unequal cost load sharing.
  If an 881 supports OER or PfR, those too will do unequal load sharing, dynamically.