Hi Guys
I am not going to spend ages on ACE, nor am I going to study it that hard as hopefully it won't be part of the blueprint for much longer, I just want to get the basics so I can configure it in a jiffy
The navigation to get to the doco for this is:
Product -> Data Centre Application Services -> ACE 4700 Series
Let's quickly go over some of the concepts
The ACE Supports multiple Contexts, there is always a default context Admin
you can create contexts and assign interfaces to them, this is very similiar to contexts on an ASA
These contexts have interfaces allocated to them, and they can also have resources allocated to them such as a certain percentage of CPU etc
resource-class FIRST_RESOURCE
limit-resource all minimum 10.00 maximum equal-to-min
resource-class SECOND_RESOURCE
limit-resource all minimum 0.00 maximum unlimited
limit-resource conc-connections minimum 12.00 maximum equal-to-min
limit-resource rate bandwidth minimum 0.30 maximum equal-to-min
limit-resource rate connections minimum 9.00 maximum equal-to-min
limit-resource sticky minimum 15.00 maximum equal-to-min
limit-resource xlates minimum 25.00 maximum unlimited
ACE1/FIRST_CONTEXT# show run
Generating configuration....
probe icmp health
interval 3
This is a probe that is used for health checking, there are several types of probes and each of them has slightly differing options, the ICMP one is obviously fairly basic
rserver host HOST1
ip address 198.18.100.101
probe health
weight 100
rserver host HOST2
ip address 198.18.100.102
probe health
inservice
rserver host HOST3
ip address 198.18.100.103
probe health
inservice
Above is an example of some r-servers, you must be sure to specify the IP address and that they are in service, you can also associate a probe and a weight to individual hosts
serverfarm host WEB
predictor leastconns
rserver 198.18.100.101
weight 100
inservice
rserver 198.18.100.102
inservice
rserver 198.18.100.103
inservice
the server farm is where you group the realservers (rservers) together and also where the load balancing algorithm is specified
class-map match-all test
2 match virtual-address 198.18.100.1 tcp eq www
Next you must define your class-map that matches the virtual address and TCP Port that your virtual server will use:
After this, you specify a policy-map that matches for load-balancing and specifies your serverfarm:
policy-map type loadbalance http first-match MyPolicy
class class-default
serverfarm WEB
Now we tie it all together
policy-map multi-match mypolicy1
class test
loadbalance vip inservice
loadbalance policy MyPolicy
loadbalance vip icmp-reply
nat dynamic 1 vlan 100
class class-default
The loadbalance vip inservice brings the VIP into service, you specify your policy, if your policy doesn't have a matching class, you won't be able to specify it, you can also tell the vip to reply via ICMP if it is up and working, finally you have some dynamic NAT you can use, the number you enter here correlates to the NAT pool under the VLAN interface:
interface vlan 100
ip address 198.18.100.254 255.255.255.0
nat-pool 1 198.18.100.1 198.18.100.20 netmask 255.255.255.0 pat service-policy input mypolicy1
no shutdown
The PAT keyword is that dynamic PAT is used so you can overload the connection.
Quick, Dirty, because I don't want to spend too much time on ACE, sorry guys looking for a more definitive guide
No comments:
Post a Comment