ASA load balancing question - what IP do I direct clients to?

I have two 5520s with a 50-user SSL VPN license on each. I want to use the VPN load-balancing feature. Must I send users to the cluster IP address? The documentation is not clear on this point.

Thank you

Justin

That is right. You should have the VPN connect to the LB cluster IP, not the individual IP addresses. The master ASA will listen to connection requests to the LB cluster IP and, based on the load, either accept the connection or automatically redirect it to one of the ASAs in the cluster. It must all be transparent to the VPN user.

Tags: Cisco Security

Similar Questions

  • The order of failover and load balancing

    Hello

    I have the following scenario. An ESXi with 4 Gbps vmnic. The questions are:

    (1) If I have a port group configured for 'Route based on the originating virtual port ID' in the load balancing policy, and for the same port group I have the 'Override switch failover order' option checked, where I set 3 of the vmnic adapters as active and the remaining vmnic as an unused adapter, does ESXi use the policy that I have configured (in this case 'Route based on the originating virtual port ID') to load balance between the three vmnics marked as active? Or does it use them in the order that they appear in the active adapters section?

    (2) Suppose I configured the four physical switch ports in an etherchannel group to use the 'Route based on IP hash' load balancing policy. In this situation, what if I then configured a certain port group to use only two active adapters, with the two others as unused? In this case, should ESXi balance the load using the IP hash method, but only across the two active adapters? Or is it a misconfiguration, and I should not configure my NIC teaming in this way?

    (3) The official setup guide says "NOTICE on IP requires the physical switch be configured with etherchannel. For all other options, etherchannel must be disabled." How should I configure my virtual network if I have a few port groups using the IP hash policy for load balancing and another using 'Route based on the originating port ID'? This is the case when I, for example, have two management ports using the same vSwitch with four vmnics (which are configured as an etherchannel on the physical switch). I would have one or several port groups for virtual machines that use the IP hash method of load balancing, and vmkernel ports for management using only a single active adapter with no backup and 'Route based on the originating port ID' load balancing, as best practices say.

    Now, the four vmnics are the same for all traffic. The physical switch ports must be configured in an etherchannel group because certain port groups will use the IP hash method, but others will not. The configuration guide says I SHOULD NOT use etherchannel if I won't use the IP hash method, but I WILL use it, though only in one or more port groups.

    Maybe I do not share the same vmnic from this situation.

    Finally, a philosophical question. What is the difference between the 'Route based on source port ID' and the 'Route based on source MAC hash' load balancing policies? What is the purpose of the second? It is assumed that if I had two different MAC addresses in a virtual machine, it would be because I had two different virtual NICs inside the virtual machine, which would be connected to two different port IDs in the vSwitch, so I could use the first policy (based on the originating port ID). In other words, what would be the case where I had traffic entering the vSwitch on the same port ID but with different source MAC addresses, so that I should choose the source MAC method to load balance the traffic?

    Thank you.

    Guido.

    (1) As long as you override the vmnics only and don't change the policy for this port group, it uses the policy configured at the vSwitch level and uses the 3 selected interfaces with this policy.

    (2) It should work; I don't think it's a problem for the switch to receive packets on a subset of the aggregation. I do not think that Etherchannel is supported (IIRC, it is a Cisco proprietary protocol, VMware only supports passive LACP, which corresponds to Port channel in the Cisco world). Correct me if I'm wrong!

    (3) I think that's all right. As I explained in (2), there is no special negotiation with VMware teaming; the only important thing I know of is to configure the port channel on the switch side if you decide to use IP hash (that will lead to important questions).

    (4) (self labeled) I think it may differ in some particular cases, such as when the operating system uses the same MAC address for both NICs (in-VM aggregation) or if you advertise several MAC addresses for the same network card (ESX in a VM, for example, would do this for its VMs). Such cases are affected differently by this setting.

    That is a good question, and I'm curious to know if someone wants to elaborate on it!

  • ACS load balancing

    I have a CSS and I want to load balance 2 ACS servers. Do I need to make one of them active and the second backup, or can I load balance between the servers?

    If yes, does it not affect authentication and the database?

    If there is any article, it will be even better.

    Hello

    A more classic approach would involve a third 'master' server that is used for administrative tasks. This replicates its config to the two load-balanced slaves.

    Mounira

  • Cisco RV016 failover & load balance Multi WAN question

    Hello

    I think the RV016 is the device to buy for our small building, but I'm a bit confused by the manual as to whether my planned configuration is possible, so if you could confirm whether this is possible I would appreciate it.

    We have a leased line as our main connection (let's call it WAN1). If this connection is available, I don't want to load balance to any other WAN network.

    We have 2 identical Netgear 4G devices (we'll call them WAN2 and WAN3). If the leased line is not available, I would then like to load balance these two WAN connections.

    Then I have a final connection, WAN4, a slow ADSL line. I don't know right now if I want to load balance this with WAN1 or just have it as a backup in case WAN2 and WAN3 fail (WAN2 and WAN3 each have a 20 GB monthly data limit in their contract; if the leased line is down for more than a couple of days, which unfortunately has already happened, then we reach this limit and are either charged for extremely expensive data or just use the ADSL only).

    In any case, it's normal, I want to balance the load. I want to only load balance WAN3 and WAN2 if WAN1 fails.

    Anyone know if this is possible? If not, is there any other similar device which would be appropriate?

    Thank you

    Ben

    Hi Bencarroll01,

    With RV016 you can get what you need.

    The RV016 supports up to 7 WAN connections, and there are two modes of operation:

    • Intelligent Balancer (Auto Mode): This option allows you to balance traffic between all interfaces to increase the available bandwidth. The router balances traffic between the interfaces in a weighted round robin fashion.
    • IP Group (By Users): Select this option to group traffic on each WAN interface by priority levels or classes of service (CoS). With this feature, you can ensure bandwidth and higher priority for specified services and users. All traffic that is not added to the IP Group uses Intelligent Balancer mode. To specify the services and users, click Edit for the WAN interface and then add protocol binding entries for each service, IP address or IP address range.

    For our case, we must have the RV016 configured with IP Group (By Users), so that we can configure a protocol binding that forces all traffic from any IP address of the local network out through WAN1, and the other WAN connections will still be UP but with no traffic passing through them.

    Now if WAN1 goes down, the rule to direct traffic to WAN1 will immediately be disabled and all traffic will pass through the rest of the WAN connections.

    After that, if WAN1 comes up again, the protocol binding rule will be active again and all the traffic will once more go through WAN1.

    Please let me know if you have any other questions.

    Please rate this post or mark it as answered to help other Cisco customers.

    Greetings

    Mehdi

  • What load balancing algorithm using the LRT224?

    I was wondering if anyone knew what algorithm of load balancing the LRT224 use since I can't find it anywhere and the telephone support line does not.  It is very similar to the RV320 of Cisco that uses Weighted Round Robin, but I don't think that the Linksys uses this algorithm because it includes speeds of bandwidth unlike the cisco that does not work.  and if anyone can also check that this unit doesn't package base rather than load balanced session load balancing.  as much information as possible would be appreciated!

    The LRT's default load balancing is round robin:

    Example:

    1 TCP connection to website-online WAN1

    2 TCP connection to website2.com-online WAN2

    3 TCP connection to website2.com-online WAN1

    4 TCP connection to website1.com-online WAN2

    If you enable the (recommended) sticky load balancing feature, load balancing is done on a per-session basis instead of a per-connection basis.

    Example:

    1 TCP connection to website-online WAN1

    2 TCP connection to website2.com-online WAN2

    3 TCP connection to website2.com-online WAN2

    4 TCP connection to website1.com-online WAN1

  • Load balancing question

    Hi all

    I have a question on load balancing between several session hosts.

    We have 6 session hosts. I created a managed application with a specific load balancing rule, "Session desktop host advanced remotely". Last Friday, a few problems started, but we have not made any changes.

    The first session host server had 71 active users and the other servers had only 30.

    How is that possible?

    Do I have to put the load balancing rule on each server?

    Hello Sander,

    You must apply the load balancing rule individually to each RDSH, not to the managed desktop application. In our configuration, this does not work, so maybe the same goes for you.

    Regards

    Sijtze

  • ASA Vpn load balancing and failover

    Hi all.

    We have two ASA 5520s configured as primary and standby units in a failover configuration, and everything works fine.

    Is it possible with this configuration (failover) to configure VPN load balancing/clustering?

    Thank you

    Daniele

    Hi Daniele,

    You cannot run both of them on two ASA firewalls; it is either the VPN load balancing feature or the failover functionality.

    Where you need to use both features, you must use more than three ASA firewalls: the first two ASAs will work as the failover pair and the third ASA will work as the VPN cluster for them. The following example uses four firewalls:

    ASA1 (active FO) - ASA2 (standby FO)
    (VPN virtual master)
            |
            |
    (Backup VPN device)
    ASA3 (active FO) - ASA4 (standby FO)

    Kind regards

    Wajih

  • Can someone tell me what the recommendation of Oracle is on how to best configure the load balancer?

    We are currently using the "configuration.properties" file to identify our servers for load balancing, but we are curious to see if it is the recommended method to configure load balancing, or if there is a better way.

    I opened a case with Oracle support and asked the same questions - listing the servers in the configuration.properties file is the only supported method used by PeopleSoft for load balancing up through 8.54.

    See also: how the Installer Application Server Load balancing and failover (Doc ID 1252846.1)

  • PIX OSPF question load balancing

    I have a PIX 515E with two default routes, learned via OSPF from two routers on the "outside" interface.

    Router #2 is currently being preferred much more than router #1. There are thousands of destinations for traffic. These two routers still NAT RFC 1918 IPs to the Internet (the PIX doesn't NAT).

    Can someone please let me know how the PIX is load balancing? Is it by destination IP address? Is it something else?

    Thank you

    Joe

    TAC:

    "The PIX will do per-destination load balancing instead of per-packet load balancing. The algorithm will look at the source and destination addresses. It is not 1:1 load balancing. Given sufficiently varied source and destination addresses, the packets will reach more or less a 50-50 split between the two next-hops. However, in a real-world test with the same source and destination addresses, it may not reach the same load balancing."

  • PIX / ASA - OSPF load balancing

    Hello

    I read that the PIX can load balance over equal-cost OSPF routes. Will it send packets on a per-packet basis, or is there another method for distributing the traffic to the equal-cost next hops?

    Thank you!!

    Lee

    Hello Lawrence,

    PIX 6.3 now supports the NLB using OSPF only (up to 3 default routes).

    The PIX can receive up to 3 default gateways (all the same metric) via 3 different routes, and balance the load on a per-destination basis. Currently, there is no way on the PIX to determine which one a packet will be sent to. You cannot currently use static routes for load balancing.

    The hash algorithm used is not simple; it is very difficult to determine which route (next hop) a packet will be given for an IP source and destination pair. Basically, the PIX takes the source and destination IPs (two 32-bit numbers) and hashes them into one unique 16-bit number. Then the 16-bit number range (0x0000 - 0xFFFF) is divided into thirds. The first 1/3 goes to gateway 1, the next 1/3 goes to gateway 2, and the last 1/3 goes to gateway 3.

    I hope this helps! If Yes, please rate.

    Thank you
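
The range slicing described in the reply above, as an added example that is not part of the original post and is not Cisco code. The thread does not give the PIX hash, so `fold16` is a stand-in (an assumption); the gateway names and addresses are constructed, and only the split of the 16-bit range into contiguous slices follows the post (generalized here to n next hops).

```python
import ipaddress
import random
from collections import Counter

HASH_SPACE = 0x10000  # 16-bit hash values, 0x0000 - 0xFFFF, as in the post


def fold16(src, dst):
    """Stand-in hash (assumption, NOT the PIX algorithm): XOR the two
    32-bit addresses, then fold the result from 32 down to 16 bits."""
    x = int(ipaddress.IPv4Address(src)) ^ int(ipaddress.IPv4Address(dst))
    return (x >> 16) ^ (x & 0xFFFF)


def bucket_bounds(n):
    """Cut the 16-bit range into n contiguous slices: [(low, high), ...]."""
    return [(i * HASH_SPACE // n, (i + 1) * HASH_SPACE // n - 1)
            for i in range(n)]


def pick_gateway(src, dst, gateways):
    """Return the next hop whose slice contains the hash of (src, dst)."""
    h = fold16(src, dst)
    for gw, (low, high) in zip(gateways, bucket_bounds(len(gateways))):
        if low <= h <= high:
            return gw
    raise ValueError("hash outside the 16-bit range")


def distribution(flows, gateways):
    """Count how many (src, dst) pairs land on each next hop."""
    return Counter(pick_gateway(s, d, gateways) for s, d in flows)


# Constructed sample data: hypothetical gateway names and addresses.
GATEWAYS = ["gw1", "gw2", "gw3"]
rng = random.Random(1)
# Widely varied address pairs: spread close to evenly over the slices.
VARIED_FLOWS = [(rng.getrandbits(32), rng.getrandbits(32)) for _ in range(3000)]
# A narrow address range, as in a small test: every pair hashes into one slice.
NARROW_FLOWS = [(f"10.0.0.{i}", f"10.0.1.{j}")
                for i in range(1, 21) for j in range(1, 21)]

if __name__ == "__main__":
    print("slices:", [(hex(lo), hex(hi)) for lo, hi in bucket_bounds(3)])
    print("varied:", dict(distribution(VARIED_FLOWS, GATEWAYS)))
    print("narrow:", dict(distribution(NARROW_FLOWS, GATEWAYS)))
```

With this stand-in hash the narrow sample lands entirely on one next hop, which is the kind of uneven result the TAC quote in the previous thread warns about; the same pair always maps to the same next hop, so the balancing is per destination pair, not per packet.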

  • What is the alternative to F5 BIG-IP LTM for OEM 12c load balancing

    We want to implement server load balancing; however, Oracle recommends F5 BIG-IP LTM for OEM 12c load balancing.

    How much does it cost? and is there a free alternative, we can use which supported by Oracle?

    Thank you

    I doubt that my company will pay for the SLB. If we do not buy one of these solutions, what can we set up?

  • Windows Server 2008 R2 Network Load Balance question

    Hello

    My VMs hang when clustering with Network Load Balancing in Windows Server 2008 R2.

    This only happens for Windows Server 2008 R2, Windows Server 2008 with SP2 is OK.

    And I use VMware ESXi 4, I don't know if this has been addressed in ESXi 4 U1.

    Can someone give some advice?

    Thank you very much

    I would try Update 1 - it correctly supports Windows 2008 R2 x64, whereas ESXi 4 doesn't...

  • RAC load balancing question

    We added a third node to a two-node cluster on 11/7. Before the addition, the loads (via the OS uptime or top commands) on the first two nodes were between 20 and 40. The first node was the more active of the two, rarely falling below 30, but on both the loads were very high. These first two nodes have two dual-core CPUs with 16 GB of RAM, and have six db instances on each. The third node has two quad-core CPUs and 16 GB of RAM. We added only the busiest db to the third node, so there is only a single instance. We have added the third node to all remote tnsnames files used to connect to the DB, with LOAD_BALANCE = yes. For the first week, Sunday 11/7 to Sunday 11/14, most incoming connections still went to nodes 1 and 2. Connections were made to node 3, but not as many as we would like. However, since this last Sunday 11/14, the majority of the connections go to nodes 2 and 3. Rarely does a connection go to node 1. We can connect directly to node 1 with no problems. Nothing changed over the weekend and nothing has been restarted. Is it something that takes a while to 'calibrate' load balancing? Is there something that we can check or change to give a more balanced load? We are new to RAC, so we are puzzled as to why it happened this way. Any guidance or advice is greatly appreciated.

    You must configure load balancing on the server side.

    (1) Register all instances with every listener by setting the local_listener and remote_listener init parameters
    (2) Set CLB_GOAL of each service according to the expected duration of connections ("SHORT" for connection pools or "LONG" for Forms)
    (3) Set the GOAL of each service according to the expected workload (THROUGHPUT for batch, or SERVICE_TIME for web sessions)

  • Nexus1000V load balancing

    Hello

    Could someone help me to clarify this...

    In our environment, we have a Nexus1000V. The VEM is connected to two uplink switches. At this point neither mac-pinning nor vPC-HM is used and the Nexus is running the default load balancing mechanism (source-mac). I see MAC flapping on the uplink switches for servers in the vCenter. If source-mac is used, shouldn't the MAC address of a virtual machine be persistent on a specific switch, assuming it is not moved to another ESXi?

    We intend to change our uplink port-profiles to mac-pinning or vPC-HM. The documentation states that, in this case, the virtual machines are associated with an uplink in round-robin fashion. So, what is the use of the load balancing in this case? Does load balancing have an effect only if a proper LACP channel is formed (stackable switches etc.)?

    One last question:

    If mac-pinning is used and a link fails, then all VM traffic will be sent to the second link. If the first link comes up again, will traffic for virtual machines that had been associated with the first link be moved back to the first, or will the traffic continue to flow on the second?

    Thank you in advance,

    Katerina

    Hi Katerina,

    I have configured my lab for "channel-group auto" and the two links are in a port channel.

    MEC considered the two uplinks as the same interface.

    N1K# module vem 4 execute vemcmd show port
      LTL   VSM Port  Admin  Link  State  PC-LTL  SGID  Vem Port  Type
       19     Eth4/3     UP    UP   F/B*    1039     0    vmnic2
       20     Eth4/4     UP    UP   F/B*    1039     0    vmnic3
       49      Veth9     UP    UP    FWD       0     0      vmk1

    * SGID designates sub group ID

    From the output, vmk1 traffic can take vmnic2 or vmnic3. The N1K sees this as one outgoing port-channel interface. In order to avoid the MAC flapping, we need to configure the two upstream switchports as one logical interface.

    Now, with MAC pinning configured, we run the same command:

    N1K# module vem 4 execute vemcmd show port
      LTL   VSM Port  Admin  Link  State  PC-LTL  SGID  Vem Port  Type
       19     Eth4/3     UP    UP   F/B*    1040     2    vmnic2
       20     Eth4/4     UP    UP   F/B*    1040     3    vmnic3
       49      Veth9     UP    UP    FWD       0     2      vmk1

    vmnic2 and vmnic3 are considered two different outgoing interfaces. There are no upstream switchport requirements.

    HTH,

    Joe

  • TMS 14.5 and redundancy with F5 load balancing

    Hello

    I'm looking in the installation guide for TMS 14.5 to design TMS redundancy with the F5 for one of my clients. I wonder if there is any specific network requirement, such as whether TMS1, TMS2 and the F5 must be in the same VLAN or not. My client has a TMS with TMSPE and will deploy the 2nd TMS server in a different data center and will use the existing F5 load balancer. They cannot have the same VLAN as the current TMS server in the new data center where the 2nd TMS server will be. The existing F5 load balancer is also in a different VLAN already.

    Is there any specific consideration we need to take care of for the redundancy?

    Thank you

    Chris

    As of TMS 14.4, TMS no longer supports an active/active load-balanced mode and now works as active/passive.

    You can find the details in the "Configure a redundant deployment" section of the TMS Installation and Upgrade Guide (latest version 14.6 linked).

    As long as both devices are accessible (and your F5 can route traffic to each of them as needed), it does not matter what VLAN, subnet or location each TMS server resides on. The VLAN information in the guide is just one example of how it can be configured in a simple load balancing scenario.

    Wayne
    --
    Remember to rate responses and mark your question as answered as appropriate.
