I trying configure ASN traffic load balance, but doesn't works.I have one Cisco Catalyst 6509 and onde Cisco Ace10 module, in my context "PanWEB" i have the interfaces above: [code] If i try to establish a telnet session(telnet 10.96.202.10 80) i see the SYN packet passing through the ACE and going to the real server, but, the server do not response the SYN packet. I done a capture in the server using wireshark and could see that the IP address of the destination is the VIP and not the rserver ip address , this is a problem? Why can not I have the SYN + ACK from the server?
I am in the process of configuring load balancing on ACE module but struggling to configure virtual IP address for ACE module. I'm working on ACE30 module and using software version A5 (1.2). ACE module is in slot of Catalyst 6504 switch.
We have a 6509 with an ACE module. For reasons I don't fully understand the ACE is running using a BVI in bridge mode. It has loads of secondary interfaces.
I can ping all of the IPs on the BVI, but only servers in Subnet 10.7.42/42 can ping out of the the layer 3 on the 6509. I have all the routes configured properly on the 6509 pointing to the ACE for these subnets. The question is though the config has been excepted, is there a limit to the number of secondary on a BVI.
I am desiging a topology with two Cat 6509 and Two ACE Module, one ACE per Catalyst. I am thinking to use bridge mode for the customer contexts, I would like to know if the Bridged mode is an Assymetric topology.
The server gateway is the ip address of the ACE or the Router?
We are facing a strange issue, our ACE 20 got failed due to power issue , after RMA once we are installing ACE 20 to 6509 , the status LED is showing ORANGE . The sh module shows it as " Others " ... The IOS is same as it was previously in 6509 .
I'm looking for a way to configure Cisco ACE4710 loadbalancer to bypass traffic that is initiated from server side to Internet?Are there any way to configure this, so that the loadbalancer will not maintain session for this bypass traffic to maximize throughput?
We are using several contexts for each customer in our ACE module.One of the customer contexts needs to activate XML API to control their services.I've tried to activate it, but cannot get any http response, what can be missing?ACE10 version A2(3.6a)
class-map type management match-any HTTP-ALLOW_CLASS 2 match protocol http source-address 10.110.0.0 255.255.254.0 3 match protocol http source-address 10.60.208.80 255.255.255.248 class-map type management match-any HTTPS-ALLOW_CLASS 2 match protocol https source-address 10.110.0.0 255.255.254.0 3 match protocol https source-address 10.60.208.80 255.255.255.248
how a static entry under a "sticky" performs Configuring Static IP Address Sticky Table Entries Cisco Documentation Says When you configure a static entry, the ACE enters it into the sticky table immediately. Configuring the ACE Action on Server Failure failaction purge # The purge keyword specifies that the ACE remove the connections to a real server if that real server in the server farm fails after you enter the command. The ACE sends a reset (RST) to both the client and the server that failed. Cisco Documentation Says If you do not configure this command, the ACE takes no action when a server fails
We have a 6509-e (WS-C6509-E V04) with (4) (WS-X6148-GE-TX) 48 port modules and a supervisor 32 (WS-SUP32-GE-3B).We purchased a supervisor 720 (WS-SUP720-3B) and (2) (WS-6708-10G-3C) 8 port fiber modules and (1) WS-X6748-GE-TX)48 port module to add to the switch. My question is what is the best way to swap out the supervisor module? Can the SUP720 be added as a standby module so that the config can be transferred? Probably a long shot. Is there anything in this swap that I should be concerned with? The other three modules should be pretty straight forward.
we have two 6509 catalyst. we bought two new SFM-capable 16 port 1000mb GBIC/WS-X6516A-GBIC module. but our catalysts doesnt support them. we don't know the reason. we tried on another 6500 series catalyst they worked.
here are the outputs from our 6509:
Core-SW-1#sh module Mod Ports Card Type Model Serial No. --- ----- -------------------------------------- ------------------ ----------- 1 0 1-subslot SPA Interface Processor-600 7600-SIP-600 JAE14090958 2 48 CEF720 48 port 10/100/1000mb Ethernet WS-X6748-GE-TX SAL1413DX2B 3 16 CEF720 16 port 10GE WS-X6716-10GE SAL1414EL2Q 4 1 Application Control Engine Module ACE20-MOD-K9 SAD1408036Z 5 5 Supervisor Engine 720 10GE (Active) VS-S720-10G SAL1414ERDT 6 5 Supervisor Engine 720 10GE (RPR-Warm) VS-S720-10G SAL1414ERE3 7 16 CEF720 16 port 10GE WS-X6716-10GE SAL1414ER93 8 16 SFM-capable 16 port 1000mb GBIC WS-X6516A-GBIC SAL1326SVBS(code)
I want to deploy a high availability solution for web servers in two data centers. In the primary data center I have deployed a group of web server and I want two deploy additional servers in a secondary data center for disaster recovery and high availability. Reviewing the documentation, looks like the GSS4492 is the solution for my company needs but I am not sure if I have to implement just the GSS or if I need a ACE4700 integrated with the GSS?.
I have a pair of 6509-E Switches running VS-720 Supervisors. We are planning to add Ace Module onto the 6509-E. Will IP Base Image suffice the requirement? Will Ace Module work with only IP Base Image?
I have a switch Cisco WS-C6509-E WS-X6716-10G-3C module ( module for 10 GB) , i have the IOS s72033-ipservicesk9-mz.122-18.SXF9.bin. I want to know if this IOS can support this module or not ? or , if i must do a upgrade , is that the IOS : "s72033-ipservicesk9_wan-mz.122-33.SXH8" work fine ?
I recently installed the license ACE-SSL-05K-K9 on ACE10 with multicontext solution.The license provides 5000 Maximum number of SSL transactions per second (TPS).The customer would like to track this to find out the correct size and in the case of services https upgrade licenses.Can I do it so through particular output or it's necessary monitoring with snmp service? In the second case, can you tell me the oid string to use?
In case the module should receive a higher number of connections to that provided by the license, what's the issue for new https connections?
We are using a Ace module running version 3.0?We do have a service which can now be reached by a url like https://www.xxx.com/yyy/ < notice the last /This is running via the Ace which terminates SSL and so on..
So now our client wants an url like https://www.yyy.com . The backend realservers and place of virtual dirs on IIS stays the same.
So now /yyy/ needs to be added to the backend realserver request, so the correct virtual dir is used. Therfore I need to add this Uri towards the realserver.
The below is the display that I get on the screen when i boot the device.There are two error's one is when the daughter card is found and device give us login access after which it reboot’s. The second is stated below (this is a screen copy of the error)
INIT: version 2.85 booting/mnt/cf/TN-CONFIG on /TN-CONFIG type ext3 (rw,sync,loop=/dev/loop0)/mnt/cf/TN-CERTKEY-STORAGE on /TN-CERTKEY-STORAGE type ext3 (rw,sync,loop=/dev/loop1)/mnt/cf/TN-LOGFILE on /TN-LOGFILE type ext3 (rw,sync,loop=/dev/loop2)/mnt/cf/TN-HOME on /TN-HOME type ext3 (rw,sync,loop=/dev/loop3)/mnt/cf/TN-COREFILE on /TN-COREFILE type ext3 (rw,sync,loop=/dev/loop4)insmod: error inserting [Code]...
Suffered a big outage on the network, the fix was to reload the module 3 on the 6509 switch, we had these errors on the log %CONST_DIAG-SW1_SP-3-HM_PORT_TEST_FAIL: Switch 1 Module 3 TestUnusedPortLoopback Port(s)[24,46] failed. System operation continues.in the end, we reloaded the card and it was all ok. is there anything I can do to check the card / or any deeper logs? would that error cause the card to crash?
I have a cisco 6509 configured with a cisco NAM module. I have reset the config of the NAM module by the config clear command. Since this moment I can't no more ping the NAM module via the management port: OK via the 127.0.0.91 address and log in ok via the ios cli session command. [code] I have already tried to reboot the module via the ios cli hw module command and nothing better.
I have a cisco 6509 (ws-c6509-e) IOS 12.2.(18)SXF6 with the following modules and submodules: [code] I would like to add another module, I have WS-6816-GBIC or WS-6516-GBIC which one will work with my 6509 ? The 6509 has four module slots empty: 4-7-8-9, Can I add the card in one of these slots ?
How I can shutdown a module when I am running vsl.I can use the following command #hw-module module 2 shutdown.As I have modules in both switch 1 and switch 2 how can I ensure I only shut down module 2 in switch 1.
We have a VSS environment with two Cisco 6509-Es. IOS image:s72033-ipservicesk9_wan-mz.122-33.SXI5 when I switch on or reload the Core switches(VSS), I find a Minor Error in the "Show module switch all" command.I also did a "show diagnostic result switch 1 module 5"Switch 1 Module 5: Supervisor Engine 720 10GE (Active) SerialNo : SAL1521E035
Overall Diagnostic Result for Switch 1 Module 5 : MINOR ERROR Diagnostic level at card bootup: complete Test results: (. = Pass, F = Fail, U = Untested) 45) TestVslLocalLoopback: Port 1 2 3 4 5 ------------------- U U U . F
This issue temporarily relieves when reseating the X2 module, but reappears after reloading the switch.