Home | Skip to Content | Skip to Search | Skip to Navigation | Skip to Footer |
Worldwide [change] |Register |About Cisco
Guest

Hierarchical Navigation

Cisco Services Modules

Content Switching Module for Server Load Balancing and Direct Access to Real Servers Configuration Example

Downloads

Document ID: 26290


Contents

Introduction
Prerequisites
      Requirements
      Components Used
      Conventions
Configure
      Network Diagram
      Configuration
Verify
Troubleshoot
Related Information

Introduction

The Content Switching Module (CSM) can be added to a Catalyst 6500 with a Multilayer Switch Feature Card (MSFC) that runs Native IOS. This module allows ultimate performance when load balancing traffic to multiple servers or firewalls.

Typically, direct access to the servers is not available when you use a CSM. However, this configuration uses individual IP addresses in order to directly reach the servers. This configuration also shows load-balance connections to servers via the virtual address.

Prerequisites

Requirements

There are no specific requirements for this document.

Components Used

The information in this document is based on these software and hardware versions:

  • Cisco IOS® Software Version 12.1(11b)E1

  • Catalyst 6000

  • ROM: System Bootstrap, Version 12.0(3)XE, Release Software

  • BOOTLDR: MSFC Software (C6MSFC-BOOT-M), Version 12.1(3a)E4, Early Deployment Release Software (fc1)

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Conventions

Refer to the Cisco Technical Tips Conventions for more information on document conventions.

Configure

In this section, you are presented with the information to configure the features described in this document.

Use the Command Lookup Tool (registered customers only) to obtain more information on the commands used in this section.

Network Diagram

This document uses this network setup:

csm_slb_reals-a.gif

Configuration

In order to complete this configuration, follow these steps:

  1. Configure VLANs on the switch.

    Router#vlan database
Router(vlan)#vlan 10
VLAN 10 added:
    Name: VLAN0010
Router(vlan)#vlan 50
VLAN 50 added:
    Name: VLAN0050
Router(vlan)#exit 
APPLY completed.
Exiting....

  2. Configure ports on the switch.

    Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#int fa 4/1
Router(config-if)#switchport
Router(config-if)#switchport access vlan 10
Router(config-if)#no shut
Router(config-if)#int fa 4/46
Router(config-if)#switchport
Router(config-if)#switchport access vlan 50
Router(config-if)#no shut
Router(config-if)#int fa 4/47
Router(config-if)#switchport
Router(config-if)#switchport access vlan 50
Router(config-if)#no shut
Router(config-if)#int fa 4/48
Router(config-if)#switchport
Router(config-if)#switchport access vlan 50
Router(config-if)#no shut   
Router(config-if)#int fa 4/45
Router(config-if)#switchport
Router(config-if)#switchport access vlan 50
Router(config-if)#no shut
Router(config-if)#exit

  3. Configure interface VLAN on MSFC for the client VLAN.

    Router(config-if)#interface vlan 10
Router(config-if)#ip address 172.17.63.229 255.255.255.192
Router(config-if)#no shut
Router(config-if)#exit

  4. Configure routing on the MSFC.

    Router(config)#ip route 10.0.0.0 255.255.255.0 172.17.63.233
Router(config)#ip route 0.0.0.0 0.0.0.0 172.17.63.193
Router(config)#

  5. Configure the CSM server VLAN.

    Router(config)#module csm 3
Router(config-module-csm)#vlan 50 server
Route(config-slb-vlan-server)#ip address 10.0.0.1 255.255.255.0
Route(config-slb-vlan-server)#gateway 172.17.63.229

  6. Configure the CSM client VLAN by configuring the IP address and gateway.

     Route(config-slb-vlan-server)#vlan 10 client
 Route(config-slb-vlan-client)#ip address 172.17.63.233 255.255.255.192
 Route(config-slb-vlan-client)#gateway 172.17.63.229
 Route(config-slb-vlan-client)#exit
 Router(config-slb-sfarm)#

  7. Configure serverfarm for direct-access.

    Router(config-module-csm)#serverfarm SERVER-SUBNETS
Router(config-slb-sfarm)#predictor forward
Router(config-slb-sfarm)#exit

  8. Configure vserver for direct-access.

    Router(config-module-csm)#vserver DIRECT-ACCESS
Router(config-slb-vserver)#virtual 10.0.0.0 255.255.255.0 any
Router(config-slb-vserver)#serverfarm SERVER-SUBNETS
Router(config-slb-vserver)#inservice
Router(config-slb-vserver)#exit
Router(config-module-csm)#exit

  9. Configure serverfarm for servers.

    Router(config-module-csm)#serverfarm SERVERS
Router(config-slb-sfarm)#nat server
Router(config-slb-sfarm)#no nat client
Router(config-slb-sfarm)#real 10.0.0.10
Router(config-slb-real)#inservice
Router(config-slb-real)#real 10.0.0.11
Router(config-slb-real)#inservice
Router(config-slb-real)#real 10.0.0.12
Router(config-slb-real)#inservice
Router(config-slb-real)#real 10.0.0.13
Router(config-slb-real)#inservice
Router(config-slb-real)#exit

  10. Configure vserver for load-balanced traffic.

    Router(config-slb-sfarm)#vserver MYSITE
Router(config-slb-vserver)#virtual 172.17.63.231 any
Router(config-slb-vserver)#serverfarm SERVERS
Router(config-slb-vserver)#inservice
Router(config-slb-vserver)#exit
Router(config-module-csm)#serverfarm SERVER-SUBNETS
Router(config-slb-sfarm)#predictor forward
Router(config-slb-sfarm)#exit
Router(config-module-csm)#exit
Router(config)#exit
Router#wr mem
Building configuration...

01:44:58: %SYS-5-CONFIG_I: Configured from console by console[OK]

Verify

Use this section to confirm that your configuration works properly.

  1. View the configuration.

    Router#show run
Building configuration...

Current configuration : 4071 bytes
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router
!
boot bootldr bootflash:c6msfc-boot-mz.121-3a.E4
!
redundancy
 main-cpu
  auto-sync standard
ip subnet-zero
!
!
!
mls qos statistics-export interval 300
mls qos statistics-export delimiter |
module ContentSwitchingModule 3 
 vlan 50 server
  ip address 10.0.0.1 255.255.255.0
!
 vlan 10 client
  ip address 172.17.63.233 255.255.255.192
  gateway 172.17.63.229
!
 serverfarm SERVER-SUBNETS
  nat server 
  no nat client
  predictor forward
!
 serverfarm SERVERS
nat server 
  no nat client
  real 10.0.0.10
   inservice
  real 10.0.0.11
   inservice
  real 10.0.0.12
   inservice
  real 10.0.0.13
   inservice
!
 vserver DIRECT-ACCESS
  virtual 10.0.0.0 255.255.255.0 any
  serverfarm SERVER-SUBNETS
  persistent rebalance
  inservice
!
 vserver MYSITE
  virtual 172.17.63.231 any
  serverfarm SERVERS
  persistent rebalance
  inservice
!
!
!
!
interface GigabitEthernet1/1
 no ip address
 shutdown
!
interface GigabitEthernet1/2
 no ip address
 shutdown
!
interface FastEthernet4/1
 no ip address
 switchport
 switchport access vlan 10
!
interface FastEthernet4/2
 no ip address
 shutdown
!
interface FastEthernet4/3
 no ip address
 shutdown
!
!

--- output suppressed ---

!
!
interface FastEthernet4/43
 no ip address
 shutdown
!
interface FastEthernet4/44
 no ip address
 shutdown
!
interface FastEthernet4/45
 no ip address
 switchport
 switchport access vlan 50
!
interface FastEthernet4/46
 no ip address
 switchport
 switchport access vlan 50
!
interface FastEthernet4/47
 no ip address
 switchport
 switchport access vlan 50
!
interface FastEthernet4/48
 no ip address
 switchport
 switchport access vlan 50
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan10
 ip address 172.17.63.229 255.255.255.192
!
ip classless
ip route 0.0.0.0 0.0.0.0 172.17.63.193
ip route 10.0.0.0 255.255.255.0 172.17.63.233
no ip http server
!
!
!
line con 0
line vty 0 4
!
end

  2. Verify that the VLANs are configured on the switch processor.

    Router#show vlan
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    
1002 fddi-default                     active    
1003 token-ring-default               active    
1004 fddinet-default                  active    
1005 trnet-default                    active    

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1    enet  100001     1500  -      -      -        -    -        0      0   
1002 fddi  101002     1500  -      -      -        -    -        0      0   
1003 tr    101003     1500  -      -      -        -    -        0      0   
1004 fdnet 101004     1500  -      -      -        ieee -        0      0   
1005 trnet 101005     1500  -      -      -        ibm  -        0      0   

Primary Secondary Type              Ports
------- --------- ----------------- ------------------------------------------

Router#

  3. Verify that modules are in their proper slots.

    Router# show module
Mod Ports Card Type                              Model              Serial No.
--- ----- -------------------------------------- ------------------ -----------
  1    2  Cat 6k sup 1 Enhanced QoS (Active)     WS-X6K-SUP1A-2GE   SAD05020E10
  3    0  SLB Application Processor Complex      WS-X6066-SLB-APC   SAD051102E1
  4   48  48 port 10/100 mb RJ45                 WS-X6348-RJ-45     SAL05073TGR

Mod MAC addresses                       Hw    Fw           Sw           Status
--- ---------------------------------- ------ ------------ ------------ -------
  1  0001.c9b0.3b6c to 0001.c9b0.3b6d   7.0   5.4(2)       7.2(0.35)    Ok      
  3  0030.f271.5d28 to 0030.f271.5d2f   1.2                2.2(2a)      Ok      
  4  0004.de83.4530 to 0004.de83.455f   2.0   5.4(2)       7.2(0.35)    Ok      

Mod Sub-Module                  Model           Serial           Hw     Status 
--- --------------------------- --------------- --------------- ------- -------
  1 Policy Feature Card         WS-F6K-PFC      SAD05020NYT      1.1    Ok     
  1 MSFC Cat6k daughterboard    WS-F6K-MSFC     SAD05020B9A      1.4    Ok

  4. Check your REALs.

    Router#show modu csm 3 reals

real                  server farm      weight  state          conns
-------------------------------------------------------------------
10.0.0.10             SERVERS          8       OPERATIONAL    0        
10.0.0.11             SERVERS          8       OPERATIONAL    0        
10.0.0.12             SERVERS          8       OPERATIONAL    0        
10.0.0.13             SERVERS          8       FAILED         0        
Router#

  5. Check your vservers.

    Router#show module csm 3 vservers

slb vserver      prot  virtual                  vlan  state         conns  
---------------------------------------------------------------------------
DIRECT-ACCESS    any   10.0.0.0/24:0            ALL   OPERATIONAL   0       
MYSITE           any   172.17.63.231/32:0       ALL   OPERATIONAL   1       
Router#show module csm 3 ?
  arp           SLB arp cache listing
  capp          SLB Content Application Peering Protocol information
  conns         SLB connection information
  dfp           SLB DFP manager information
  ft            SLB ft information
  map           SLB map information
  memory        SLB memory information
  natpools      SLB client nat pool information
  policy        SLB policy information
  probe         SLB probe information
  reals         SLB real server information
  serverfarms   SLB server farm information
  static        SLB static server NAT information
  stats         SLB Statistics
  status        SLB status information
  sticky        SLB sticky database
  tech-support  SLB tech debug information
  vlan          SLB vlan information
  vservers      SLB virtual server information

  6. Check for connections on the CSM.

    Router#show module csm 3 conns

    prot vlan source                destination           state       
----------------------------------------------------------------------
In  TCP  10   171.71.78.140:53141   172.17.63.231:23      ESTAB       
Out TCP  50   10.0.0.11:23          171.71.78.140:53141   ESTAB       

In  UDP  50   10.0.0.11:1130        192.168.1.1:161       ESTAB       
Out UDP  10   192.168.1.1:161       10.0.0.11:1130        ESTAB

  7. Check the statistics on the module.

    Router#show module csm 3 stats
Connections Created:        6
Connections Destroyed:      5
Connections Current:        1
Connections Timed-Out:      0
Connections Failed:         0
Server initiated Connections:
      Created: 13, Current: 0, Failed: 13
L4 Load-Balanced Decisions: 18
L4 Rejected Connections:    1
L7 Load-Balanced Decisions: 0
L7 Rejected Connections:
      Total: 0, Parser: 0,
      Reached max parse len: 0, Cookie out of mem: 0,
      Cfg version mismatch: 0, Bad SSL2 format: 0
L4/L7 Rejected Connections:
      No policy: 0, No policy match 0,
      No real: 1, ACL denied 0,
      Server initiated: 0
Checksum Failures:  IP: 0, TCP: 0
Redirect Connections: 0,  Redirect Dropped: 0
FTP Connections:            0
MAC Frames:
      Tx: Unicast: 709, Multicast: 0, Broadcast: 155,
          Underflow Errors: 0
      Rx: Unicast: 723, Multicast: 1433, Broadcast: 83,
          Overflow Errors: 0, CRC Errors: 0

  8. Check for additional details on serverfarms.

    Router#show module csm 3 serverfarms detail
SERVER-SUBNETS, predictor = Forward, nat = SERVER
  virtuals inservice: 1, reals = 0, bind id = 0, fail action = none
  inband health config: <none<
  retcode map = <none<
  Total connections = 0

SERVERS, predictor = RoundRobin, nat = SERVER
  virtuals inservice: 1, reals = 4, bind id = 0, fail action = none
  inband health config: <none<
  retcode map = <none<
  Real servers:
    10.0.0.10, weight = 8, OPERATIONAL, conns = 0
    10.0.0.11, weight = 8, OPERATIONAL, conns = 0
    10.0.0.12, weight = 8, OPERATIONAL, conns = 0
    10.0.0.13, weight = 8, FAILED, conns = 0
  Total connections = 0

Router#
Router#show module csm 3 conns ?
  client   conns associated with a specific client IP address
  detail   Detailed output
  vserver  conns associated with a specific vserver
  |        Output modifiers
  <cr>

  9. Check for additional details on vservers.

    Router#show module csm 3 vservers detail
DIRECT-ACCESS, state = OPERATIONAL, v_index = 10
  virtual = 10.0.0.0/24:0, any, service = NONE, advertise = FALSE
  idle = 3600, replicate csrp = none, vlan = ALL, pending = 30
  max parse len = 600, persist rebalance = TRUE
  conns = 1, total conns = 1
  Default policy:
    server farm = SERVER-SUBNETS
    sticky: timer = 0, subnet = 0.0.0.0, group id = 0
  Policy           Tot Conn     Client pkts  Server pkts
  ------------------------------------------------------
  (default)        1            27           19           

MYSITE, state = OPERATIONAL, v_index = 11
  virtual = 172.17.63.231/32:0, any, service = NONE, advertise = FALSE
  idle = 3600, replicate csrp = none, vlan = ALL, pending = 30
  max parse len = 600, persist rebalance = TRUE
  conns = 0, total conns = 8
  Default policy:
    server farm = SERVERS
    sticky: timer = 0, subnet = 0.0.0.0, group id = 0
  Policy           Tot Conn     Client pkts  Server pkts
  ------------------------------------------------------
  (default)        8            539          405

Troubleshoot

There is currently no specific troubleshooting information available for this configuration.

Related Information

Updated: Jan 23, 2007 Document ID: 26290