Application Delivery (ADX)

Reply
New Contributor
Posts: 2
Registered: ‎10-19-2015

Brocade Virtual Traffic Manager (VTM) Cluster - IP TRANSPARENCY

Hello

 

The setup in question includes the following:

 

  1. One Cisco ASA Firewall performing ALL NAT and ACL Operations connecting to a downstream CORE Cisco L3 Switch.
  2. Cisco L3 Switch having segregated VLANs and performing routing for the inside network.
  3. 2x Brocade VTM appliances (on VMware) operating on a Single hosted Cluster Model.
  4. Each brocade device has 2 NICs. NIC 1 on 10.4.4.0 /24 subnet and NIC 2 on 10.4.5.0 /24 subnet.
  5. Each brocade device has its management port configured on NIC 1.
  6. Each brocade device has its default gateway configured to 10.4.4.1
  7. IIS Servers reside on the following network - 10.4.6.0 /24
  8. Each brocade device has the following routing configured: Destination [10.4.6.0] Mask [255.255.255.0] GW [10.4.5.1] Interface [NIC 2] so that it can reach the production network via NIC 2.
  9. Traffic IP Groups + Virtual Servers + Pools have been configured appropriately.
  10. Public IPs are NAT'ed by the Cisco ASA to the corresponding Private IPs in the Traffic IP Group on the Brocade Cluster. Hence internet traffic is traversed to the LBs which in turn then send to the appropriate Nodes corresponding to the Pool and the Virtual Servers configured.
  11. The IIS Servers are configured with a default gateway in their local subnet which is 10.4.6.1

The above configuration works for ALL Pools perfectly.

 

However one Pool (Example_Pool) requires that the Source IP from the remote client NOT be altered during the process of it reaching the IIS Servers, hence requiring that IP Transparency be configured.

 

In order to fix this I performed the following configuration:

 

  1. Enabled IP Transparency on the Example_Pool.

My confusion now is what would be the 'Gateway' for the corresponding IIS Servers in this scenario?

 

Also - do I need to configure IP forwarding on the Brocade devices or does the fact that default gateway is configured on both the devices (10.4.5.1) covers it ?

 

 

New Contributor
Posts: 2
Registered: ‎10-19-2015

Re: Brocade Virtual Traffic Manager (VTM) Cluster - IP TRANSPARENCY

I realised that one NIC Interface from each VTM Appliance needs to be on the local network on which the IIS Servers reside.

 

Having said that - since there are 2 VTM Appliances and both are operating in a Cluster Mode - how do I create 1 VIP on the Cluster for the 2 VTM Appliances ?

 

Feel free to correct me if my approach is incorrect or I'm missing something obvious.

 

Any help will be highly appreciated.

 

Regards!

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.