Basic ACE Loadbalance Configuration

Leave a Comment / ACE, Cisco, Load balancing, Networking / By

Now that we have the basic configuration out of the way and the device is manageable, the next step is configuring the ACE to load-balance for a site.

Our task will be to configure the following;

  • Configure a health probe so that if the ACE cannot contact /probe.html, it will mark the real as inactive
  • Create real server entries for the following
    • 10.254.8.100 – Server 1
    • 10.254.8.101 – Server 2
    • 10.254.8.102 – Server 3
    • 10.254.8.103 – Server 4
  • Create a server farm with the real servers listed above, use a least connections predictor, and associate the probe with the server farm
  • Create a load balance policy for virtual IP 1.1.1.1 with the following
    • An L4 class-map to match VIP 1.1.1.1 to port 80
    • An L7 policy map to match the server farm.
    • A multi-match policy map that applies the L4 class and the L7 policy-map and puts the VIP inservice
    • Use Source-Nat for pool 1 on VLAN 67
    • Enable VIP to reply to ICMP requests
  • Create a source-nat pool on VLAN 67 in the range of 172.18.10.100 – 172.18.10.106 and use PAT.
  • Apply load balance policy to VLAN 67 in the inbound direction

The configuration for the above is;

probe http OurHTTPProbe
port 80
interval 5
passdetect interval 30
request method get url /probe.html
expect status 200 200
open 1
!
rserver host Server1
ip address 10.254.8.100
inservice
rserver host Server2
ip address 10.254.8.101
inservice
rserver host Server3
ip address 10.254.8.102
inservice
rserver host Server4
ip address 10.254.8.103
inservice
!
Serverfarm host OurServerFarm
Probe OurHTTPProbe
Predictor leastconns
rserver Server1
inservice
rserver Server2
inservice
rserver Server3
inservice
rserver Server4
inservice
!
policy-map type loadbalance first-match OurL7Policy
class class-default
serverfarm OurServerFarm
!
class-map match-all OurL4Class
match virtual-address 1.1.1.1 tcp eq www
!
policy-map multi-match OurPolicy
class OurL4Class
loadbalance vip inservice
loadbalance policy OurL7Policy
loadbalance vip icmp-reply active
nat dynamic 1 vlan 67
!
interface vlan 67
nat-pool 1 172.18.10.100 172.18.10.106 netmask 255.255.255.128 pat
service-policy input OurPolicy

I am trying to get my hands on one of our spare 6500’s and an ACE at work to do a video of all three of these last blogs I posted.

I hope you enjoyed this three-part series on an ACE and how to configure it.  We will be back to our usually scheduled programming of CCIE studying coming up shortly.