How to Configure Transparent caching on Cat 6500 with CSM in routed mode
I am trying to configure Transparent caching on Cat 6500 with CSM in routed mode, but facing some problems in it , also I have gone thru the example config on cisco site for transparent caching using CSM on Cat 6500 , but the above does not fit my clients requirement.
The scenario is like
Access Switches - Cat6500 with MSFC & CSM - Internet Router
|
Cache Engines and Real servers
The clients as well as real servers are on seperate VLANs (L3) and the requirement is to load balance the internet traffic using cache engines.
I'd really appreciate any helpful suggestions or any useful links/docs/info on this.
Thanks
kumar
Hello Joerg,
Thanks for the reply.
I have already gone thru the sample config shown by this weblink, however this link refers to configuring transparent caching on the CSM in BRIDGED MODE ( i.e both the client and server vlans are having the same IP address ) but in our case , we have multiple L3 VLANS on the CAT6509 having IP addresses in different SUBNETS , and the Real servers to be used for caching also exist on one of these VLANS. Thus, the scenario described by the Weblink does not apply here. Also , in the configuration referred by the above weblink, the VLAN 100 is configured as client , however the endusers are shown to be on vlan200 which is configured as SERVER VLAN in the CSM.
Dont you think there is something wrong here, I mean the endusers should be on VLAN 100 (Client) and real servers on VLAN 200 (SERVER).
So, I have to configure CSM in routed mode ( i.e both the client and server vlans will have seperate IP addresses in different subnets ) and the endusers will be on all VLANS .
Pls let me know , how I can implement this solution.
Thanks again
Sudhir
Similar Messages
-
How to Configure Transparent caching on Cat 6500 with CSM in bridge mode?
hi.
I found How to Configure Transparent caching on Cat 6500 with CSM in routed mode.
But,
I need help How to Configure Transparent caching on Cat 6500 with CSM in bridge mode?
Please let me know sample configuration.
thanks.Hi,
I wrote the document you mentioned and I also wrote the one below.
http://www.cisco.com/en/US/partner/products/hw/modules/ps2706/products_configuration_example09186a00802c1201.shtml
The one with the SSLM is a bridge mode config.
If you replace the SSLM with a cache [or a farm of caches] it would be a similar config.
Replace the SSL21 vserver with an HTTP vserver [most important is to keep the vlan configured on each vserver]
Regards,
Gilles. -
Have any one configure transparent caching on ACE module
How to configure transparent caching on ACE module? Please kindly give me a example configure. Thank you very much.
here is a basic config.
The module will intercept traffic coming in on vlan 20 and loadbalance it doing a url hashing to caches in vlan 30.
The mode is transparent so the destination ip address is preserved.
serverfarm host CACHES
transparent
predictor hash url
rserver linux1
inservice
rserver linux1-24
inservice
class-map match-all VIP-TCP80
2 match virtual-address 0.0.0.0 0.0.0.0 tcp eq www
policy-map type loadbalance first-match SF-CACHES
class class-default
serverfarm CACHES
policy-map multi-match SLB-CACHES
class VIP-TCP80
loadbalance vip inservice
loadbalance policy SF-CACHES
interface vlan 20
ip address 192.168.20.123 255.255.255.0
peer ip address 192.168.20.121 255.255.255.0
access-group input PERMIT-ANY
service-policy input ALLOW-ALL
service-policy input SLB-CACHES
no shutdown -
If cache go down, how to bypass Transparent Caching in CSM ?
hi.
I configured transparent caching in CSM.
But cache go down, CSM dropped traffic to web server.
In this case, deed more configuration?
please me know how to bypass in cache go down .
thanks.
============== CSM configuration ==================
module ContentSwitchingModule 3
vlan 10 client
ip address 192.168.112.2 255.255.255.0
route 172.29.0.0 255.255.0.0 gateway 192.168.112.1
vlan 11 server
ip address 192.168.112.2 255.255.255.0
gateway 192.168.112.3
route 172.18.1.10 255.255.255.255 gateway 192.168.112.4
probe CACHE icmp
interval 2
retries 1
failed 2
receive 1
serverfarm CACHE
no nat server
no nat client
real 172.18.1.10
inservice
probe CACHE
serverfarm FORWARD
no nat server
no nat client
predictor forward
policy NOCACHE
client-group 10
serverfarm FORWARD
policy CACHE
serverfarm CACHE
vserver FROMCACHE
virtual 0.0.0.0 0.0.0.0 any
serverfarm FORWARD
persistent rebalance
inservice
vserver REDIRECT
virtual 0.0.0.0 0.0.0.0 tcp www
vlan 10
serverfarm CACHE
persistent rebalance
slb-policy NOCACHE
slb-policy CACHE
inservice
access-list 10 permit 172.29.1.10under your vserver redirect, instead of configuring 'serverfarm cache' configure 'serverfarm cache backup forward'
If the serverfarm cache goes down, the CSM will use the backup which is a forward.
However, in this case, the response from the server will probably not come back to the CSM, so you should configure the vserver with the command 'unidirectional' as well.
Regards,
Gilles. -
[SOLVED]How to configure pptp vpn start on boot with netcfg?
I've configured 2 profiles:
eth0 and ppp0, where ppp0 is a pptp vpn tunnel.
$ ls /etc/network.d/
eth0 examples interfaces ppp0
$ cat /etc/network.d/ppp0
CONNECTION='ppp'
INTERFACE='ppp0'
PEER='dxt'
PPP_TIMEOUT=10
$ cat /etc/conf.d/netcfg
# Enable these netcfg profiles at boot time.
# - prefix an entry with a '@' to background its startup
# - set to 'last' to restore the profiles running at the last shutdown
# - set to 'menu' to present a menu (requires the dialog package)
# Network profiles are found in /etc/network.d
NETWORKS=(eth0 ppp0)
# Specify the name of your wired interface for net-auto-wired
WIRED_INTERFACE="eth0"
# Specify the name of your wireless interface for net-auto-wireless
WIRELESS_INTERFACE="wlan0"
Manually, I can start up ppp0 correctly.
$ sudo netcfg -u ppp0
:: ppp0 up [ BUSY ] Using interface ppp0
Connect: ppp0 <--> /dev/pts/3
CHAP authentication succeeded
MPPE 128-bit stateless compression enabled
Cannot determine ethernet address for proxy ARP
local IP address 10.100.3.132
remote IP address 10.100.3.1
[ DONE ]
$ ip addr list dev ppp0
8: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1496 qdisc pfifo_fast state UNKNOWN qlen 3
link/ppp
inet 10.100.3.132 peer 10.100.3.1/32 scope global ppp0
But after booting, only eth0 is up. How to configure ppp0 to start on boot with netcfg?
Last edited by rchiang (2012-12-21 01:09:32)Thanks a lot for your instruction.
netcfg works now!
chris_l wrote:
Did you
systemctl enable [email protected] -
How to configure the services(WDA) in ESS with EHP7
Hi Experts,
I have a requirement to configure ESS/MSS in R/3 . fisrt time am going to configure the ESS/MSS in R/3 with EHP7.currently we are using
ECC6.0 EHP7 with SP 2 and portal 7.4 can any one help me out which business functions need to be activate and which components need to activate.
How to configure the service in launch pad with WDA.please guide me the step by step procedure.
Please share the config guide if anyone have.hi sap scn ,
Tips & Recommendations for customizing ESS Menu (WD ABAP) - ess launchpad
Summary of configuration options in ESS Personal Information scenario -personal information
go to t-code lpd_cust see ROLE ESS and INSTNACE MENU ...Clcik it and copy to Z launchpad and drag and drop the services which u want and use it
if any other revert back again -
Cat 6500 with DCNM 6.2(1)
Hi there,
for test purposes I installed Cisco Prime DCNM 6.2. It works great with out Nexus 5k and 7k, however I have trouble with our older Cat 6500 devices. While I know that support for these devices is limited I am surprised that the portchannels could not be discovered performance wise and in regard to the topology map, even if they are connected to N7k's. Neither the normal portchannel ISLs between different 6500 nor the vPCs between 6500 and N7k appear in the topology, although the switches were successfully discovered and are considered "managable" via snmp and ssh.
Is there anything I need to do to make it work?
Best regards
PilleRafael,
I had the same issue. You need to go into ACS and create a custom Shell Profile (Policy Elements > Authorization and Permissions > Device Administration > Shell Profiles), flip to the "Custom Attributes" tab, and add the following:
Attribute: cisco-av-pair
Requirement: Mandatory
Attribute Value: Static
Value: shell:roles="network-admin"
...although if you want a non-admin or DCNM "User" role, you would use the following instead:
Value: shell:roles="network-operator"
Save that. Then make sure your Device Admin Authorization Policy (Access Policies > Access Services > Default Device Admin > Authorization) references that Shell Profile in the "Results" section.
I'm using DCNM version 6.2(5) and this works.
Here's a useful link for more info: http://www.cisco.com/en/US/products/ps9911/products_configuration_example09186a0080bf5512.shtml -
How to configure cRIO 9004 and link it with Labview?
Today i tried to connect the cRIO 9004 to my pc using the serial cable
but unfortunately the controller was not detecting on my pc. Then I
turned on the IP reset button and tried connecting it using LAN to get
an IP address but it also didn't work. I was looking for drivers on the
internet and NI website but I couldn't find any directly related ones.
Status light is blinking slowly and continuously(one flash every
couple of seconds). According to cRIO 9004 manual it indicates "That the
controller is unconfigured. Use MAX to configure the controller.
Refer to the Measurement & Automation Explorer Help for information
about configuring the controller".
I tried MAX but its still not detecting the controller to configure.
It would be great if you'll could help me out with this as I'm configuring this type of a controller for the first time.
Thanks and regards
KavinHey,
First of all get sure that you have LV RT and FPGA as well as the NI RIO driver installed at your system.
Then the easiest way would be to use a crossover ethernet cable to directly connect the cRIO to your PC.
Give the PC a static IP Adress e.g. 100.100.100.100. Deactivate Firewall and Virus Scanners.
Reboot the cRIO with IP Reset Switch ON, then it should appear in MAX under Network Devices with IP 0.0.0.0.
Give the cRIO also a static IP like 100.100.100.111, set IP Reset switch to OFF before saving this settings.
Now you can install the software at your cRIO also via MAX.
Then you should be able to find it in LabVIEW by right-clicking "Project UntitledX" and "Add Targets and Devices".
There should be different tutorials online how to configure a cRIO or other Realtime targets.
Christian -
How to configure Multiple PPTP VPN Clients on cisco 3g supported Router
I want the router to be a PPTP VPN client to 2 independent PPTP servers, both are in different cities in Cisco routers. I have tested with one on cisco 1841 aqnd its working fine; but when I add the 2nd, its using vpdn-group 1 and therefore connecting to the wrong PPTP server:
here is the config for the one that works:
vpdn-group 1
request-dialin
protocol pptp
rotary-group 0
initiate-to ip xxx.xxx.xxx.xxx
interface Dialer0
mtu 1450
ip address negotiated
ip pim dense-mode
ip nat outside
ip virtual-reassembly
zone-member security private
encapsulation ppp
ip igmp query-interval 125
dialer in-band
dialer idle-timeout 0
dialer string 123
dialer vpdn
dialer-group 1
no peer neighbor-route
no cdp enable
ppp pfc local request
ppp pfc remote apply
ppp encrypt mppe auto
ppp authentication ms-chap-v2 ms-chap eap chap pap callin
ppp eap refuse
ppp chap hostname xxx@xxx
ppp chap password 7 xxxpassword
But if I create a vpdn-group 2 and a Dialer1 interface, with dialer-group 2, its still attempting to connect to the IP in vpdn-group 1 - how do I get it to use the 2nd vpdn-group, or how do I make this work? and which cisco 3G Router you prefer because these are remote sites and only 3G Internet service is available.I want the router to be a PPTP VPN client to 2 independent PPTP servers, both are in different cities in Cisco routers. I have tested with one on cisco 1841 aqnd its working fine; but when I add the 2nd, its using vpdn-group 1 and therefore connecting to the wrong PPTP server:
here is the config for the one that works:
vpdn-group 1
request-dialin
protocol pptp
rotary-group 0
initiate-to ip xxx.xxx.xxx.xxx
interface Dialer0
mtu 1450
ip address negotiated
ip pim dense-mode
ip nat outside
ip virtual-reassembly
zone-member security private
encapsulation ppp
ip igmp query-interval 125
dialer in-band
dialer idle-timeout 0
dialer string 123
dialer vpdn
dialer-group 1
no peer neighbor-route
no cdp enable
ppp pfc local request
ppp pfc remote apply
ppp encrypt mppe auto
ppp authentication ms-chap-v2 ms-chap eap chap pap callin
ppp eap refuse
ppp chap hostname xxx@xxx
ppp chap password 7 xxxpassword
But if I create a vpdn-group 2 and a Dialer1 interface, with dialer-group 2, its still attempting to connect to the IP in vpdn-group 1 - how do I get it to use the 2nd vpdn-group, or how do I make this work? and which cisco 3G Router you prefer because these are remote sites and only 3G Internet service is available. -
How to configure Transparent proxy on solaris 10, x86
Dear All,
I am trying to configure a transparent proxy on solaris 10, x86 system.
Can any body tell me the direction that i have to follow. I want to configure it through Sun java web proxy server 4.
Thanks and waiting for your kind reply.The thread was from quite some time. You mentioned that transparent proxy functionaliity was scheduled to be a part of one of the service packs. Have this happened yet? I cannot see it in the documentation nor i the admin GUI, but I might be looking in the wrong place.
I'm running version: 4.0.5 B04/18/2007 11:01
Kind regards -
How to configure Cisco ASA 5500 to work with the iPhone
We have Cisco ASA 5510 (latest firmware version), and apparently, according to Cisco website it is compatible with new iPhone 3G's IPSec client:
http://www.cisco.com/en/US/docs/security/vpnclient/cisco_vpnclient/iPhone/2.0/connectivity/guide/iphone.html
We've setup our first iPhone properly. It connects fine to the network, shows VPN connection as active. Gets a private IP address. But does not let any traffic go to the internal network. We thought it might be DNS problem, but it cannot connect to Exchange server even when using IP address instead of DNS. No luck either.
After checking ASA logs, we found that iPhone goes through Phase 1 authentication correctly. But then gives some kind of error, mentioning "Attribute 5".
Has anybody been successful configuring ASA5500 series (in particular 5510) to be used with iPhone?
I noticed that many people are having these problems.
Please do not post to this topic if you have ANY OTHER Cisco device.
Cisco specifies that iPhone is compatible only with Cisco ASA 5500 Security Appliances and PIX Firewalls. Neither Cisco IOS VPN routers nor the VPN 3000 Series Concentrators support the iPhone VPN capabilities.
Let's keep this topic only for users of ASA 5500 series and PIX Firewalls.
It would be extremely helpful for a large number of users if somebody posted a list of settings for ASA5500 or PIX firewall that DO work with iPhone 2.0
Thank you!
Oleg RWe found the solution and a bug in Cisco firmware (seems to be a bug).
First of all, thanks to our Chief Systems Architect Seb, here is a config that worked for us on a Cisco 5520 (latest firmware).
access-list iphone_splitTunnelAcl standard permit <insert ip> <insert mask>
access-list iphone_splitTunnelAcl standard permit <insert ip> <insert mask>
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec transform-set iphone esp-3des esp-sha-hmac
crypto ipsec transform-set iphone mode transport
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto dynamic-map SYSTEMDEFAULT_CRYPTOMAP 65535 set pfs
crypto dynamic-map SYSTEMDEFAULT_CRYPTOMAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5 iphone
crypto map outside_map 10 match address vpn
crypto map outside_map 10 set transform-set ESP-AES-256-SHA
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEMDEFAULT_CRYPTOMAP
crypto map outside_map interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto isakmp policy 20
authentication pre-share
encryption aes-256
hash sha
group 5
lifetime 86400
crypto isakmp nat-traversal 20
group-policy iphone internal
group-policy iphone attributes
wins-server value <insert ip> <insert ip>
dns-server value <insert ip> <insert ip>
vpn-tunnel-protocol IPSec
ipsec-udp enable
ipsec-udp-port 10000
split-tunnel-policy tunnelspecified
split-tunnel-network-list value iphone_splitTunnelAcl
default-domain value <insert domain name>
tunnel-group iphone type remote-access
tunnel-group iphone general-attributes
address-pool VPN-Pool
authentication-server-group ActiveDirectory2
default-group-policy iphone
tunnel-group iphone ipsec-attributes
pre-shared-key <insert pre-shared key>
For iPhone you have to be using IPSec tab for configuration.
We tried to set up this config using the wizards, but it would not work.
Later it turned out that wizards by default set this setting:
"crypto isakmp nat-traversal 20"
equal to zero and there is no way to change it from the GUI.
Only after we changed it (increased the value from 0 to 20) through the command line the connection started working perfectly.
Please let me know how it works out for you.
Message was edited by: Rogik
Message was edited by: Rogik -
How to Configure MS Office Comminication Server 2007 with WebCenter Spaces?
Hello All,
Has anyone successfully configured MS Office Comminication Server(OCS 2007) with WebCenter 11g Spaces?
I have installed the RTCServices on the MS OCS server, and wll the services and wsdls are accessible. The IM is working with MS Communicator and also Communicator Web Access (CWA). The Webcenter administrator guide does not have any configuration information about how to use the RTCServices (extracted from Oracle's owc_lcs.zip, part of the Oracle Fusion Middleware Companion 11g).
In the EM's webcenter control -->Settings -->Service Configuration, I tried to create a new IM service and an External Application but not sure what the URL to use.
If anyone have a successful OCS 2007 integration, could you please share your configuration steps?
Thanks,
Johnny
Edited by: user459212 on Feb 10, 2010 12:30 PM
Edited by: user459212 on Feb 10, 2010 12:31 PMHi,
I am also facing the same issue, not sure about what url to use. And also the login webservice doesn't work while I am testing using http://localhost:81/RTC/RTCService.asmx. It always throwing the following error
" Unable to cast COM object of type 'RTCLib.RTCClientClass' to interface type 'RTCLib.IRTCClient'. This operation failed because the QueryInterface call on the COM component for the interface with IID '{07829E45-9A34-408E-A011-BDDF13487CD1}' failed due to the following error: No such interface supported (Exception from HRESULT: 0x80004002 (E_NOINTERFACE))."
Is the current owc_lcs.zip support MS Office Communication Server 2007?
Please share the configuration step if anyone already integrated OCS 2007.
Thanks,
-Mukesh.
Edited by: user9127933 on Feb 19, 2010 4:05 AM -
How to Configure two standalone Server to access with eachother
Hi All,
I have two stand alone Servers (SQL 2000) configured in two PCs in different locations (Location A & Location B) . I want to access Location A database from Location B Viz-Versa.
1. I have a STATIC IP provided by ISP and I m using a router (Linksys E1000)
2. I have Windows Server 2003 installed on one of the PC.
3. Both the Locations are in two different places, ISP providers are also different.
How can I setup the access. I have googled a lot of solutions but not able to crack.
Regards
PradeepHi Pradeep Sriramdas,
SQL Server 2000 was out of support since April,2013. I suggest you can try to install SQL Server 2005 or later version. According to your description, you plan to connect to the SQL Server database engine from another computer, you must enable the protocol
in SQL Server Configuration Manager, such as TCP/IP;
When you want to connect to one instance from another computer, you also must open a communication port in the firewall.
In SQL Server Configuration Manager, you need to configure SQL Server to listen on a specific port; In addition, you configure the remote access server configuration option in SQL Server by using SQL Server Management Studio or Transact-SQL.
You ‘d better adding two different computer in the same domain, and choose to connect to instance via domain name.
There are more details about configuring the connection from another computer, you can review the following article.http://technet.microsoft.com/en-us/library/ms345343.aspx
http://technet.microsoft.com/en-us/library/ms191464.aspx
Regards,
Sofiya Li
Sofiya Li
TechNet Community Support -
How to configure the client tnsnames.ora parameters with a MTS Server
i have modified init.ora and start my oracle
as a MTS instance.
my client tnsnames.ora is the dedicate server
model.
how can i modify it and my clent can use
MTS server.
nullHi,
I dont think u will have to configure anything seperatley on the tnsnames.ora file to connect to a MTS Database.
I Hope i am right.
Regards,
Ganesh R -
How to configure isdn pri on gigabit interface on AS 5850 router
hello All,
i currently have a project at hand which is a voip project using sip protocol. my client wants to send voip traffic to my router using STM interface with SIP protocol. But the challenge is how do i convert the sip protocol to ISDN PRI on another STM gigabit interface before sending it to my PSTN switch for onward termination to the customer. currently i use serial interface to communicate with my PSTN using E1 for other existing clients in other to terminate calls to customers. please see sample configuration below:
interface Serial10/1:15
no ip address
encapsulation hdlc
no snmp trap link-status
trunk-group JKN
isdn switch-type primary-net5
isdn incoming-voice modem 64
isdn map address .* plan unknown type unknown
isdn send-alerting
no cdp enable
thank you.
Adekunlehello n-kirillov,
Yes i mean STM as Synchronous Transport Module for Optical Network. currently, the medium of transport for communication between my router and the PSTN switch is the serial interface whose configuration i have shown above. also currently E1 pri cables are connected to this serial interface and E1s are provision for this serial interfaces directly from the switch for communication with the PSTN switch.
the question now is that my switching team now wants be to communicate with their switch using fibre from STM interface on my router without using PRI cables. is this achievable? if yes what is the configuration like?
Maybe you are looking for
-
I would like to know the technical details about why Siri is not available on iPad 2
I bought my iPad 2 on the 26th, and I was just curious as to know the details of why this model doesn't have Siri. Is it just a technical shortcoming? Or just an incentive to purchase the newer generations? ;) It's not the end of the world to not hav
-
Bought movie on iTunes can't AirPlay to Apple tv Sound but no picture
Hi I have bought an apple tv today for the main use of buying movies. I have it all connected and soon find out I can only rent not buy from the tv. So I decided to buy from iTunes on my new iPad - the HD movie, with the intention of air playing it
-
We are about to perform an export and import of our portal system. We are running 9.0.2.0 on Windows. My question is if anyone has done this yet and what would be the database accounts and passwords for portal: portal_Schema: whats the database accou
-
Hi all, My Oracle server was working fine yesterday but today i am unable to connect due to a ORA-12523: TNS listner could not find instance appropriate for the client connection.I am able to tnsping the host. I have shutdown and restarted the databa
-
Please don' make us wait... it's time for ICAL iPhone task integration
With many app developers having great success with task/to do list, isn't time (or way past time) for Apple to allow tasks, via iCal, to flow to the iPhone and push technology to prompt users of important things to do, at a certain time? I am very bu