We ran into this today, and, though I knew it existed, I never actually saw it in the wild. I’m talking about MAC access-lists. In the example setup, we have a DMZ off of a firewall that contains a whole mess of servers — email, web, ftp, etc. These should all be in the DMZ […]
Like (nearly) everything in the Cisco world, you can set up your CSM to fail over to another module when the primary dies a horrible death. You can have two in the same chassis or even have them in separate chassis — the process is the same no matter how you have it set up. […]
A few articles ago, we discussed getting logging up and running on your IOS box. Part of the discussion was actually having the device log remotely to a box somewhere, but that’s kind of worthless without a properly (for definitions of proper) configured syslog server. A low-end Linux box with an appropriate amount of disk […]
That’s an awesome title, eh? I’ve mentioned a router-on-a-stick before but not a data-center-on-a-stick (DCOAS). This is one of those Cisco terms I ran across a while ago and is a group of servers sort of sticking out on their own behind a load balancer and/or firewall. Connections to and from the server group go […]
I like logging on an IOS device. I like to look at the buffer and tell you that your interface went down 30 seconds ago. I like to look on the box and see that BGP with my Internet provider has been flapping since 02:13ET. I like to look and see that one of the […]
At the office, we reprovision servers like it’s going out of style. It happens so often that my cabling documentation rarely matches what’s actually out in the field, which is a pretty big problem when you’re trying to find to what switch port a server is connected. I finally relegated myself to asking for the MAC […]
Alright, that’s an exaggeration, but screen is pretty freaking cool. It’s an app that’s (usually) run under Linux that lets you run commands then detach from that session and reattach later. It doesn’t seem like much, but a few examples can show what it does for me. I have a backup script at home that […]
On the CSM, you can configure a vserver to use a main and backup serverfarm which is used if a serverfarm is toast. If all the RIPs in the main farm are out-of-service, the CSM will start to treat the backup farm just as if it’s configured to be the main one. Once one or […]
Here’s a quick one for you. In Dynagen, if you want to load a configuration when you first fire up the router instance, you can use the cnfg tag in your NET file like this. cnfg = /home/jac/labs/cfg/R0.cfg If you put that in your dynagen NET file under a router, the contents of that file […]
The CSM is a pretty bad little box. It not only watches layer 4 items like TCP connections, but also talks HTTP, which you can use to do some custom, or policy-based, load balancing. Policies are the objects that make custom balancing work. Like everything else (it seems) on the CSM, a policy is an object […]