In our environment, we have a Cisco CSS 11000 that has a switch off of
it. Plugged into that switch there are 2 clusters of servers. If a
server in cluster 1 talks to the VIP of cluster 2, the server that
receives the request in cluster 2 tries to respond directly to the
server in cluster 1. The packet is then dropped. We potentially have
numerous applications/servers that will fall into this scenario. What
possible solutions are there to allow these servers talk to each other
without getting crazy with VLANs.


_____
| LB |
|_____|
|
______
|Switch|
|______|
/ \
/ \
_____ _____
| 1 | | 2 |
|_____| |_____|

Any suggestions or help is much appreciated.
Thanks in advance.

Hello,

So I assume there's a direct connection between the server 1
and
server 2 by passing the switch as an alternate route to the one you
have
trough the switch (going trough a second nic), if that is so, the what
is
happening is that the packet is being drop because it comes from a non
valid
ip address. Is routing enabled in the nics of the server? disabling may
be
an option.. let us know

--
2nd Law of Thermodynamics: Chaos will Reign.

///////////////////
--Anthrax--
//////////////////

mlick2@gmail.com wrote:

The problem with the CSS is the VIP address. The servers (will say A)
will try to contact the VIP (let say VIP 1), that packet will go to CSS
and it will change the destination address of the IP packet (and I do
not remember what other things) with the real IP address of one of the
servers (will say B). The B servers will see the source address as A
(not as 1) and will reply to A withs B ip address as soruce. The
servers A will say, we do not contact B, we send the packet to 1, not
to B (because they are seing the source address of B, not the VIP).

What you have to do is to configure the CSS to send the packets with
the IP address of the VIP as source, not as the original IP source.

-as


Anthrax wrote: