Cisco Application :: How To Make A Redundant Connection To A CSS11501
Feb 20, 2012
I require to connect a "css11501" two core switches to provide redundancy to the load balancing service and would like to verify this possible (Does the spanning-tree protocol officer for load balancing?)
I have CSS CSS11501 which is working fine in single arm deployment. Now I want to have redudency so that in case the switch 1 where CSS is currenlty connected is down.I can reach the CSS through the second switch 2.Both the switch are trunk with each other and CSS has one port connected with Switch 2.
We have several pairs of CSS11501 and 11503 in our network.This issue affects only one pair of CSS11503 in one of our data centres. [code] We use vrrp in one-armed mode for load balancing and they units have performed great for a number of years. We're obviously going to be migrating to ACE ... but not just yet.We have started to experience a problem with replicating the configurations between two CSS11503 in a pair.When running the commit-VipRedundConfig, it starts off happily enough, though slowly.Ending with "working" and the spinning cursor, even after 1 hour the script hasn't completed.We noted on the backup CSS that the APP configuration disappears during the process and I can't remember if this is normal behaviour.
Re-adding the app session configuration seems to interrupt the process, and when checking the configuration on the backup CSS approximately half of it is missing. Everything after the first owner is gone.
1. Configuration is too large, or just large enough to make the commit script take too long for realistic service. 2. Software bug? 3. Combination of both. 4. From now on manually add config to both CSS's and maintain it by process management.
how to capture the incoming and outgoing packets on the balancer?The load balancer is connected in between the customer DCN and cisco switches 2960.The reason of capturing both incoming and outgoing packets on the balancer is to prove to our customer that there is no packet loss issue on the balancer, and it could be some issue on their DCN network.Since it is a production server, I will need to ensure that there is no impact to the incoming and outgoing traffic on the balancer and other networking equipments as well.
Is it possible to deploy the CSS11501 in one arm design to loadbalance the authentication traffic Radius across CSACS servers which is on UDP 1645 or 1812 port, is it required to configure the NAT or not, if yes how can define the shared secret in the CSS. also tell me how to configure the keepalive for udp traffic in this scenario other then default icmp keep alive
recently when i run the commit vip redundancy script, i encountered the following error. This script has never failed in the past. Upon checking the backup CSS, i did notice that my most recent changes were actually synced. The following is the debug i have captured while running the script.
active-lb# script play commit_vip_redundancy "local 126.96.36.199 remote 188.8.131.52 -a -d" active-lb# Checking available disk space on systems ... Checking the disk space locally before continuing with the script. Verifying that another local session is not running the script. Creating script/vipr_config_sync_lock file. Verifying app and redundancy configs ... Verifying that app session is up with backup switch. Making sure app session is up. Seconds to wait before calling it quits: 60 Checking the disk space remotely before continuing with the script. Checking local and remote switch versions ... Storing the running code versions of the local and remote switch. Storing the local switch's version. Retrieving the remote switch's version. Checking remote version for 4.0 Checking if switch is BACKUP for any virtual routers and if the state is 'No Service'. Checking vip redundancy state.... Checking if backup switch is Master for any VRIDs. If it is, either a local
I have a pair of ACE 4710's that I am deploying within a datacenter. The primary and secondary ACE appliances have identical configurations except for the IP addressing and priorities for FT. The FT peer is going into a TL error state.
On the primary ACE appliance, I am able to ping and telnet from/to it without any issues. All of the routing works as it should and everything is seen in the ARP table as it should. The secondary appliance is able to ping everywhere, but telnet out of or into that appliance does not work.
I am able to see the IP addresses in the arp table and can successfully ping end to end from the secondary device, just unable to telnet into or out of it. When I try to telnet out of the secondary device, it reports that there is no route, even though the IP's I am trying to telnet to are directly connected and those interfaces are up and working (otherwise ping would fail). The exact same filters (access-lists, service-policies) are configured in the exact same format and applied to the exact same interfaces.
I tried removing all of the fault tolerance configurations and just created a Layer 3 vlan interface for management and I am still unable to telnet into or out of the appliance. This is not a complicated setup and I have to think there is something obvious that I'm missing, but I'm hung up on the fact that the config's are almost identical while one works exactly as intended and the other reports no route to host for a directly connected interface.
We are running ACE 20 modules in highly available active / standby (all active contexts on one module) mode. Currently they are on A2 (2.4) version. We are going to upgrade them to A2 (3.6a). The question is that how ling can we run them in two different SW levels? In otherwords can we have few days between upgrading both modules?
I have already raised this discussion on "LAN, Switching and Routing" group. But I guess this is the right group for my queries. So I am sending my queries in this group again.
We are using CSS 11503 with one 16FE line card. We have connected 3 servers with redundant link. So FE1-2 in Server1, FE 3-4 in Server2 and FE5-6 in Server3. Our system team has configured APA in their servers as they are using HP-Ux.
1) Do we need to do any configuration at line card.
2) Do we need to do ether-channel at loadbalancer end. if yes, can you share me any cisco doc on how to do it.
I want to learn how to make application server?I have Windows server 2008 enterprise edition and it is connected to 10 Client Machines. I want to install software programes only on server and use them on client machines without knowing server password.
This is how it looks in the configuration:
class-map type http loadbalance match-any WWW.SITENAME.COM:80_STATIC_NOT_COMPRESSABLE 10 match http url .*.xico class-map type http loadbalance match-any WWW.SITENAME.COM:80_STATIC_COMPRESSABLE 10 match http url .*.xjs 20 match http url .*.xcss class-map type http loadbalance match-any WWW.SITENAME.COM:80_DEFAULT 10 match http url .*
Questions are: Why do I see things being compressed when there is only being accounted hits in a compression:off class ?Why does enabling compression in one class (never being hit) cause hits in other clases to be compressed ?
We have CUCM & lync server setup and its working fine if any one calling each other with DNS load balancing. But customer want ot use Cisco ACE 4710 instead of DNS LB.We have configured Cisco LB and deploy but when CUCM user calling to lync user call going to disconnect after 4 sec and also Lync users unable to make call to CUCM.And also LB deploye between share point but when users are trying to open web session that time web page going to show page cannot display.
I have a computer named server and it ip is 192.168.0.5 and a live ip xxxxxxxx which is a private ip. on this system my oracle middle wear is running.I just want that people may access my application which is running on 'server' through public ip. Is it possible. If it is. then how.=]
I know the CSS is too old but I have one in production environment and I was asked if it is possible to CSS to make NAT from inside addresses and translate them into one external IP address to diferent kind of communications, for example: 172.16.4.9 and 172.16.4.10 (inside addresses) should start connection to external IP addresses destinations 184.108.40.206 / 220.127.116.11 18.104.22.168 / 22.214.171.124 and so on, the default gateway to those Servers is the CSS and I would like to know if it is possible that all connection to external world to be translate into one IP address 172.16.4.100.
We have a six node MPLS network, all nodes route to our main office for a variety of services (email, core, fire shares, Internet, etc). Therefore, the link to our main office is crucial. In the event that the MPLS link to/from our main office becomes unavailable, we would like to establish a secondary route into our main office via virtual private network. Our main office and two branch offices have redundant broadband internet connectionsWe currently have Cisco 1921 routers as our branch routers and a Cisco 2800 as our “core” router at the main office. We also have two SonicWall TZ-200 series firewalls at the two branch locations and a SonicWall NSA-2400 at our main office. The VPN connection seems to work okay.How would I configure my branch routers to advertise and route traffic out the VPN connection in the event that the MPLS leg to/from our main office is down?
The Router that I have is 2811 where it contains two Fa ports only, so I put an access switch between the two ISPs and the Fa0/0 then configured the Interface Fa0/0 with two IPs ISP1 and ISP2 as a secondary.
The problem that I faced that when ISP1 become down the another secondary IP (ISP2) stay down and the internal users have no access to the internet.
I am trying to confgure a VPN connection on a Cisco ASA 5505, and I am supposed to translate the inside network from 10.200 76.0 to host 10.1.4.204, and then from that scheme establish a VPN with the host 126.96.36.199 on network 192.168.50.0/24. I was told that this Cisco ASA appliace would be able to translate the network address as a mask in order to make the necessary connection with the other site connection.
We're using a CSS501 to load balance http requests over three servers running windows server 2003 and IIS 6. On Saturday I attempted to switch over to three new servers running the app on Server 2008 and IIS 7.5, I mirrored the used the existing setup to create the new environment (pwgecashwww01,02,03 Owner ACMENewServers and group NewServer).
Should i get a wireless adapter Or a wireless repeater Which would be better for a better connection?My router is down stairs and my xbox is upstairs.I could get the wireless adapter upstairs then do an ethernet cable straight to my xbox.
I'm using XP SP3. I'm trying to connect using the Local Area Connection for the first time. Up to now I've been using wireless but I'd like to get better performance.
Here are my current settings via IPconfig: Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . :
I've tried releasing and renewing via IPconfig. Renewing gives me the following error message: An error occurred while renewing interface Local Area Connection : unable to contact your DHCP server. Request has timed out.
I've got limited connectivity. It's trying to send but cannot receive.
My laptop used to connect wireless very well. About 10 days, it lost the connection even though the wireless signals were excellent. I guess it might be due to a virus attack that disabled my wireless connection. I run System Restore on Networking but not successful.
Internet works in that I can get onto a site but not login ie banking - also can't get results once I get onto National Lottery site, login into Hotmail. The diagnostics log states it could not make an HTTPS connection but nearly every thread I have read mentions firewall problems. I don't have Norton, just Windows Firewall and Lavasoft Adaware, but turning both off doesn't change anything. My PC is a Dell, I use a Cisco modem and a Belkin wireless router for my kids to run their XBoxes, all have been fine for 2 years. [code]
i just managed to config the Cisco 877 and send it to my client,when the client connect the router from his location the router can't make VPN connection to my HQ office,i can connect to the router using the external IP adress,i tried to reset the VPN tunnel but no avail,
i have router 3845 and then it's connected with pix and then its connected with vpn tunnel to the customer router. i am here trying to make vpn connectivity for devices. so on router i did static nat statements 10.124.90.124 10.200.200.1. this type of six statements i wrote for six devices. on the pix i did