Application Delivery (ADX)

Reply
Occasional Contributor
Posts: 7
Registered: ‎03-15-2016
Accepted Solution

Cant connect to the VIP

Hi,

 

Brocade newb here.

I am trying to setup configuration based on what I've learnt in the ServerIron Load Balancing guide.

I have setup my servers (real and virtual). All are on the same subnet as the management interface.

But while I can easily reach the mgmt IP, I cannot ping or reach the VIP from any server on the subnet.

I'm sure there's something I am missing, but I have no clue. 

I would be grateful for any assistance.
Here's my current configuration:

 

!
server real prod-web01 192.168.72.11
 port http
 port http keepalive
 port http url "GET /status.html"
 port ssl
 port ssl keepalive
 port ssl url "GET /status.html"
!
server real prod-web02 192.168.72.12
 port http
 port http keepalive
 port http url "GET /status.html"
 port ssl
 port ssl keepalive
 port ssl url "GET /status.html"                                  
!                                                                 
!                                                                 
server virtual prod-webVIP 192.168.72.13                       
 predictor round-robin                                            
 port http                                                        
 port ssl sticky                                                  
 bind http prod-web01 http prod-web02 http                  
 bind ssl prod-web01 ssl prod-web02 ssl   
!
vlan 1 name DEFAULT-VLAN by port                                  
!                                                                 
aaa authentication web-server default local                       
enable telnet authentication                                      
enable super-user-password .....                                  
no enable aaa console                                             
hostname lb01                                                   
ip dns domain-name mng.dom                                        
ip dns server-address 8.8.8.8 192.168.71.3 192.168.71.4 192.168.71.5
ip route 0.0.0.0 0.0.0.0 192.168.72.1                             
!                                                                 
no telnet server                                                  
username admin password .....                                                                    
no snmp-server enable traps locked-addr                           
no web-management ui-history-collect                              
!                                                                 
interface management 1                                            
 ip address 192.168.72.253 255.255.255.0                          
!                                                                 
interface ethernet 1                                              
 ip address 192.168.70.70 255.255.255.0                           
!                                                                 
access-list 10 permit any

 

Occasional Contributor
Posts: 7
Registered: ‎03-15-2016

Re: Cant connect to the VIP

I should add that arpinging the IP yields responses but no results from regular ping.

Could this be a licensing issue?

 

results:

ping 192.168.72.13 -c2
PING 192.168.72.13 (192.168.72.13) 56(84) bytes of data.

--- 192.168.72.13 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 999ms

 

arping -I br72 192.168.72.13 -b
ARPING 192.168.72.13 from 192.168.72.101 br72
Unicast reply from 192.168.72.13 [02:1B:ED:05:9E:E0] 0.715ms
Unicast reply from 192.168.72.13 [02:1B:ED:05:9E:E0] 0.731ms
Unicast reply from 192.168.72.13 [02:1B:ED:05:9E:E0] 0.691ms
Unicast reply from 192.168.72.13 [02:1B:ED:05:9E:E0] 0.726ms
Unicast reply from 192.168.72.13 [02:1B:ED:05:9E:E0] 0.754ms
^CSent 5 probes (5 broadcast(s))

 

 

Occasional Contributor
Posts: 7
Registered: ‎03-15-2016

Re: Cant connect to the VIP

Also from the "sh server virtual" view:

Name: ng-prod-webVIP State: Enabled IF UP IP:192.168.72.13: 1
Pred: round-robin ACL-Id: 0 TotalConn: 0
VIP state: Not healthy

Rx pkts: 0 Tx pkts: 0
Rx bytes: 0 Tx bytes: 0
Rx PPS: 0 Tx PPS: 0
Rx Throughput: 0 Kbps Tx Throughput: 0 Kbps
tcp-conn-rate: 0 udp-conn-rate: 0
CPS: 0 CurrConn: 0
Note: The above statistics lag by 1 second

Port State Sticky Concur Proxy DSR CurConn TotConn PeakConn
---- ----- ------ ------ ----- --- ------- ------- --------
default enabled NO NO NO NO 0 0 0
http enabled NO NO NO NO 0 0 0
ssl enabled YES NO NO NO 0 0 0

Port Rx-pkts Tx-pkts Rx-octet Tx-octet
---- ------- ------- -------- --------
default 0 0 0 0
http 0 0 0 0
ssl 0 0 0 0

External Moderator
Posts: 4,780
Registered: ‎02-23-2004

Re: Cant connect to the VIP

[ Edited ]

Hi sinaowolabi,

 

first at all, this is just my stupid imput, I'm not the most expert with such plattforms.

 

In any case, if I'm wrong please ingnore my post.

 

last time I work with any Load Balancer, is long time ago, as Intel acquired - Years 2000 ? - IPivot and Shiva, and they offer later as NetStructure Product Family

 

IPivot, was the Dino's on the Load Balancer Market

 

you wrote, and I'm really fighting to understand what you mean with

 

->>>But while I can easily reach the mgmt IP, I cannot ping or reach the VIP from any server on the subnet.

 

howsoever, if I understand you problem correct, in order to reach the VIP - I think !!! - the request must processed trough a NAT, otherwise you cannot Balance the traffic via the same IP, for this reason is the VIP not reachable.

 

 

 

 

TechHelp24
Occasional Contributor
Posts: 7
Registered: ‎03-15-2016

Re: Cant connect to the VIP

Hi

 

Please look at my configuration again.

You'll notice that all the IPs are on the same subnet.

(mgmt, vip, real servers).

 

Where does the NAT come in?

External Moderator
Posts: 4,780
Registered: ‎02-23-2004

Re: Cant connect to the VIP

[ Edited ]

sinaowolabi,

 

as I saied, I'm no big experienced with ADX Plattforms, and is probable I'm wrong.

 

->Where does the NAT come in?

 

For NAT settings, please consult the Load Balancing Guide.

 

http://www.brocade.com/content/dam/common/documents/content-types/configuration-guide/serveriron-12502-slbguide.pdf

 

 

TechHelp24
Occasional Contributor
Posts: 7
Registered: ‎03-15-2016

Re: Cant connect to the VIP

I figured it out.

Apparently I had the mgmt1 interface in the same subnet as the VIP (which the diagrams seemed to indicate was the way to do it.)

I switched the mgmt1 interface to a different subnet, and added an IP and a cable to eth1. With eth1 and the VIP, and the real servers being in the same subnet.

I also had to use dsr mode and add loopback interfaces to the real servers before the ADX 1000 would agree to load balance, it wouldn't load balance with the simple case presented in the load balancing guide.


Well at least it's working now.

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.