1

I have just deployed a couple Cisco Catalyst 3550 switches, and a couple Alteon 184 Web Switches for load-balancing. I can ping all RIPs and VIPs to/from the Alteon.

Topology Before: (server) <-> (Alteon) <-> (Internet)

Topology Now: (server) <-> (3550) <-> Alteon <-> (Internet)

Cisco Port Configuration (Alteon Uplink Port):

description LB_1_PORT_9_PRIMARY
switchport access vlan 10
switchport mode access
switchport nonegotiate
speed 100
duplex full

Alteon Port 9 Configuration (VLAN 10 WAN):

>> Main# /c/port 9/cur
Current Port 9 configuration: enabled
    pref fast, backup gig, PVID 10, BW Contract 1024
    name UPLINK

>> Main# /c/port 9/fast/cur
Current Port 9 Fast link configuration:
    speed 100, mode full duplex, fctl none, auto off

Cisco Configuration (Load-Balanced Servers Port):

description LB_1_PORT_1_PRIMARY
switchport access vlan 30
switchport mode access
switchport nonegotiate
speed 100
duplex full

Alteon Port 1 Configuration (VLAN 30 LOAD-BALANCED LAN):

>> Main# /c/port 1/cur
Current Port 1 configuration: enabled
    pref fast, backup gig, PVID 30, BW Contract 1024
    name LB_PORT_1

>> Main# /c/port 1/fast/cur
Current Port 1 Fast link configuration:
    speed 100, mode full duplex, fctl both, auto on

Each of my servers is on vlan 10 and 30, properly communicating.

I have tried to turn on VLAN tagging on the Alteon, however it seems to cause all communications to stop working.

When I tcpdump -i vlan30 on any of the webservers, I see normal ARP communications, and some STP communications, which may or may not be part of the problem:

...
15:00:51.035882 STP 802.1d, Config, Flags [none], bridge-id 801e.00:11:5c:62:fe:80.8041, length 42
15:00:51.493154 IP 10.1.1.254.33923 > 10.1.1.1.http: Flags [S], seq 707324510, win 8760, options [mss 1460], length 0
15:00:51.493336 IP 10.1.1.1.http > 10.1.1.254.33923: Flags [S.], seq 3981707623, ack 707324511, win 65535, options [mss 1460], length 0
15:00:51.493778 ARP, Request who-has 10.1.3.1 tell 10.1.3.254, length 46
etc...

I'm not sure if I've provided enough information, so please let me know if any more is necessary.

Thank you!
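
Added example, not part of the original post: a small Python check that parses the port settings posted above and lists every setting that differs between the two ends of each 3550-to-Alteon link. The function names are hypothetical, pairing the ports by their descriptions is an assumption, and so is treating a Cisco port with both speed and duplex hard-set as not auto-negotiating.

```python
import re

# Values copied from the question. Pairing a Cisco port with an Alteon port
# by its description (LB_1_PORT_9 / LB_1_PORT_1) is an assumption.
CISCO = {
    9: """description LB_1_PORT_9_PRIMARY
switchport access vlan 10
switchport mode access
switchport nonegotiate
speed 100
duplex full""",
    1: """description LB_1_PORT_1_PRIMARY
switchport access vlan 30
switchport mode access
switchport nonegotiate
speed 100
duplex full""",
}
ALTEON = {  # the two "cur" outputs for each port, joined onto one line
    9: "pref fast, backup gig, PVID 10, BW Contract 1024; speed 100, mode full duplex, fctl none, auto off",
    1: "pref fast, backup gig, PVID 30, BW Contract 1024; speed 100, mode full duplex, fctl both, auto on",
}

def parse_cisco(text):
    vlan = re.search(r"switchport access vlan (\d+)", text)
    speed = re.search(r"^speed (\d+)", text, re.M)
    duplex = re.search(r"^duplex (\w+)", text, re.M)
    return {
        "vlan": int(vlan.group(1)) if vlan else None,
        "speed": int(speed.group(1)) if speed else None,
        "duplex": duplex.group(1) if duplex else None,
        # Assumption: speed and duplex both hard-set means no auto-negotiation.
        "auto": not (speed and duplex),
    }

def parse_alteon(text):
    return {
        "vlan": int(re.search(r"PVID (\d+)", text).group(1)),
        "speed": int(re.search(r"speed (\d+)", text).group(1)),
        "duplex": re.search(r"mode (\w+) duplex", text).group(1),
        "auto": re.search(r"auto (on|off)", text).group(1) == "on",
    }

def link_mismatches(port):
    a, b = parse_cisco(CISCO[port]), parse_alteon(ALTEON[port])
    return [f"{k}: cisco={a[k]} alteon={b[k]}" for k in a if a[k] != b[k]]

for port in sorted(CISCO):
    print(port, link_mismatches(port) or "consistent")
```

With the posted values, the VLAN, speed and duplex settings agree on both links; the only difference reported is the auto-negotiation setting on the port 1 link.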

2 Answers

1

You can practice on an Alteon device at this online lab:

http://www.sharontools.com/online-lab/

John Gardeniers
dave
-1

From what I can tell, your problem is you made two vlans and you isolated the servers from the load balancer. Your setup is unnecessarily complicated.

If vlan 30 is your "load balancer vlan" then most likely every port on the 3550 should be on access vlan 30.

You should not need to be configuring vlans on the load balancer unless you actually need it to be on multiple vlans. Putting vlan 30 on the load balancer does not automatically mean that it is on the same vlan 30 that your servers are on. So either turn off vlans on the load balancer, or set up every switch port that feeds it for trunking vlan 10 and 30, and then enable vlan tagging.

Justin
  • Well, given VLAN10 is the WAN which all incoming traffic comes in on, and VLAN30 is that of the servers behind the load-balancer, this tells me that it does need to be on multiple VLANs. One thing I'm noticing, is that the Alteon is only allowing one PVID/VLAN per port, so it almost looks as if I can't have multiple VLANs on a single port. Tagging is disabled on the Alteon. I guess what's making no sense, is that given it works with the servers directly connected, why doesn't it with a switch in between that happens to have VLANs set up? –  Mar 04 '10 at 03:33
  • Because the switch is set up wrong. Set every port to be switchport access vlan 30. You should not have vlan 10 on the 3550 at all. – Justin Mar 04 '10 at 04:53
  • This is not correct in any way - it's common practice to create separate logical networks between the server and loadbalancer, and between the loadbalancer and the exterior network. This is to ensure full L7 transparency. – pauska Dec 19 '11 at 13:57