For more details, please see ourCookie Policy.


Application Delivery (ADX)

Reply
Highlighted
kbtran
Occasional Contributor
kbtran
Posts: 11
Registered: ‎10-31-2011

Multiple vlans support

‎03-17-2016 01:59 PM

The current situaton is like this. I got a pair of ADX 1000F's runing router code. They are working in Active/Standby. I only got 1 ve interface and ports 25 and 26 are configured with LACP and untagged. This LACP interface is uplinked to my firewall cluster. This is what my current config looks like:

 

vlan 3
 untagged ethe 25 to 26
 router-interface ve 3

 

interface ve 3
 ip address x.x.x.225  255.255.255.128
 ip vrrp-extended vrid 1
  backup priority 20 track-priority 10
  advertise backup
  ip-address x.x.x.4
  vip-group 1
  track-port e 25
  enable

 

server source-nat-ip x.x.x.10 255.255.255.128 0.0.0.0 port-range 2 port-alloc-per-real
server source-nat-ip x.x.x.11 255.255.255.128 0.0.0.0 port-range 2 port-alloc-per-real

 

The ve1 interface has a /25. I use 2 IP's in that subnet for SNAT and the remaining for the VIP's. The problem right now is that the subnet starts to run low and I need to expand it. I could delete the /25 and replace it with a /23 and make some configuration changes on the ve1 interface as well as the source-nat config and that will take care of the expanding part. However, it'll destroy my VIPs and their configuration. Ofcourse I don't want to go that route. Instead, I think what I will plan to do is to add a new vlan and create a new ve2 interface like this:

 

! (existing)

vlan 3
 tagged ethe 25 to 26 !!! (notice this was untagged before. Now I have to add a new vlan so this needs to be tagged)
 router-interface ve 3

 

! (new config)

vlan 4
 tagged ethe 25 to 26
 router-interface ve 4

 

! (existing)

interface ve 3
 ip address x.x.x.225  255.255.255.128

 

! (new config)

interface ve 4
 ip address x.x.x.225  255.255.254.0

 

Can someone please confirm if the above config would meet my goal?

 

Now for the SNAT and VIP group configuration, I'm not 100% sure what to do there. Do I just keep the current config and add the following lines on top for the new /23 subnet:

 

server source-nat-ip x.x.x.10 255.255.254.0 0.0.0.0 port-range 2 port-alloc-per-real
server source-nat-ip x.x.x.11 255.255.254.0 0.0.0.0 port-range 2 port-alloc-per-real

 

My current vip-group config looks like this:

 

server vip-group 1
 vip x.x.x.12
 vip x.x.x.13

 etc.

 

What do I need to do for the new vip-group?

 

Thanks.

 

Report Inappropriate Content
Message 1 of 1 (1,867 Views)
0 Kudos

Join the Broadcom Support Community

Get quick and easy access to valuable resources across the Broadcom Community Network.

Register