Ping a Specific Port

Question

jimbobmcgee

Asked: 2012-04-26 06:52:42 +0800 CST2012-04-26 06:52:42 +0800 CST 2012-04-26 06:52:42 +0800 CST

Interaction of devices with different VLAN configurations

772

I have an existing firewall+switching layer which is separated into per-client VLANs, with its own numbering strategy, etc. This layer is interconnected by trunk ports such that VLANs numbered on one switch are honoured on any other.

One of my clients now wants to introduce a load-balancer into their VLAN. This device also designates VLANs (e.g. to separate management traffic from balanced traffic). We still require their traffic to be separate from all other clients (which is why we have the VLANs in the first place), so it is my intent to allocate them standard access switch-ports, assigned to their VLAN, as we would if it were just another server.

I don't quite have enough test equipment in my lab to do a full workup of this, so my question is really, will it work?

More specifically:

Would a VLAN-defining device with its own VLAN strategy, plugged into an access port with my VLAN strategy cause cross-pollution of either strategy?
Does the traffic coming from that VLAN-defining device just get encapsualated twice, firstly with its own VLAN tags, then with the switching layer's VLAN tags, and could that reasonably be expected to unwind correctly (e.g. for reply traffic)?
Given that the servers will also be connected to access ports on the same client VLAN in the switching layer, will there be any difficulty with the load-balancer communicating with the servers?
Even though I am looking for the balancer to reside on an access port in the switching layer, do I have to assign the balancer's VLAN numbers to specifically coincide with or diverge from the switching layer's VLANs?
If, instead, I was looking to provide load-balancing services to multiple clients using the same balancer, is it just a case of configuring the VLAN numbers to coincide and configuring the interconnected switch and balancer ports as trunk ports?

(If it matters, the devices in question are all Cisco: ASA5540+Cat2960 at the firewall+switching layer, ACE4710 for the balancer)

Addenda

Diagram, as requested

1 Answers

Voted

resmon6 · Answer 1 · 2012-04-26T12:40:33+08:00

Best Answer

resmon6

2012-04-26T12:40:33+08:002012-04-26T12:40:33+08:00

Cisco ACE load balancers have the option to tag VLANs on a port or to use untagged access ports. You'll have no problem with this configuration. You might have to create a new VLAN for the management port of the ACE and put the server farm behind a switched only VLAN. source

0

Interaction of devices with different VLAN configurations

Addenda

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?