EasyManuals Logo

Cisco Catalyst 6500 Series Configuration Note

Cisco Catalyst 6500 Series
212 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #153 background imageLoading...
Page #153 background image
11-25
Catalyst 6500 Series Content Switching Module Configuration Note
OL-4612-01
Chapter 11 Configuring Firewall Load Balancing
Configuring Reverse-Sticky for Firewalls
Figure 11-8 Reverse-Sticky for Firewalls
As shown in Figure 11-8, the reverse-sticky process is as follows:
A client connects to the CSM virtual server, VS1, through a load-balanced firewall. This load
balancing decision is made without interaction with the CSM.
Server 1 creates a connection back to the original client. This connection matches virtual server
VS2. VS2 uses the sticky information inserted by the original VS1 reverse-sticky. The connection
now is forced to the same Firewall 1.
A second client, coming in through a different firewall, connects to the same VS1. Reverse-sticky
creates a new entry into database B for the second client, pointing to Firewall 2. VS1 also performs
a normal sticky to Server 1.
Server 1 creates a connection back to Client 2. The connection matches the connection in VS2. VS2
uses the sticky information inserted by the original VS1 reverse-sticky. This connection is used for
the connection to Firewall 2.
If the server had originated the first connection, the link back to the server would have been inserted
by VS2, and a normal load balancing decision would have generated a connection to one of the
firewalls.
Note This configuration supports forward direction connections (client to server) using any balancing metric.
However, the balancing metric to the firewalls from VS2 must match that of the unknown load balancer,
or the unknown load balancer must stick new buddy connections in a similar manner if client responses
to server initiated traffic are to be sent to the correct firewall.
Client
12.1.1.1
Client
12.1.1.2
Unknown load
balancer
Firewalls
Sticky "B"
Catalyst 6500
CSM
Sticky "A" Servers
Server 1
12.1.1.112.1.1.2
12.1.1.112.1.1.2
Forward VS2
Sticky insert A DST
Forward VS1
Sticky insert B SRC
Forward connection to VS1
STICKY INSERT "B"
Forward connection to VS1
STICKY INSERT "B"
Server connection decision
STICKY "B"
LB to Server 1
Match/Insert on "A"
Server initiatied
connection #1 to VS2
Server connection decision
STICKY "B"
LB to Server 1
Match/Insert on "A"
Server initiated
connection to VS2
77888

Table of Contents

Other manuals for Cisco Catalyst 6500 Series

Preview: Configuration Guide
Configuration Guide392 pages
Preview: Command Reference
Command Reference160 pages
Preview: Installation Guide
Installation Guide194 pages
Preview: Installation Note
Installation Note36 pages
Preview: Hardware Installation Guide
Hardware Installation Guide134 pages
Preview: Troubleshooting
Troubleshooting10 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Catalyst 6500 Series and is the answer not in the manual?

Cisco Catalyst 6500 Series Specifications

General IconGeneral
BrandCisco
ModelCatalyst 6500 Series
CategorySwitch
LanguageEnglish

Related product manuals