Server Load Balancing (SLB) Services Between VRFs (S-Series)

SLB is the process by which a service is provided by a proxy device for a set of real servers (the actual server devices) that implement the service. The proxy device load balances the service by distributing the service between itself and the real servers. LSNAT provides SLB services on the S-Series platform. An SLB configuration consists of a virtual server, acting as the proxy device, and a server-farm made up of one or more real servers.

The virtual server configuration specifies:

• A Virtual IP address (VIP)
• Either a UDP or TCP port number to listen for client requests on
• A server-farm from which a real server is selected to handle a client request

The server-farm configuration specifies:

• A list of real servers
• A load balancing method

The virtual server selects a real server to handle a client request for a service.

SLB services can be configured on a single VRF and shared with multiple non-SLB configured VRFs, by specifying the all-vrfs parameter when configuring the virtual server.

Sharing SLB Services With Multiple VRFs presents an example of an SLB all-VRFs configuration. The packet processing and flow for this example is as follows:

1. Packet A ingresses the router on VLAN 10, IP address 192.168.10.15 of VRF Alpha-Group. Packet A‘s destination is the virtual server 10.21.141.100 which is configured for all-VRF on VRF Services.
2. VRFs Alpha-Group and Beta-Group contain overlapping IP networks. See VRFs With Overlapping IP Networks (S-Series) for a full explanation of how overlapping IP networks are handled in a VRF environment. VRF Services is configured with the “local-net” source NAT pool with an address range 192.168.16.51 through 192.168.16.55. VRF Services performs Network Address Translation (NAT) on Packet A. An SLB binding is created, selecting the new addresses from the “local-net” pool. The SLB binding stores both sets of addresses that make up the network address translation.
3. Packet A is forwarded to the selected real server by VRF Services.
4. The real server responds with Packet B. The source address for Packet B is the real server. The destination address for Packet B is the NATed address on VRF Services.
5. On VRF Services, Packet B‘s source address is changed to the pre-NATed virtual server address 10.21.141.100 and the destination address is changed to the pre-NATed VRF Alpha-Group address 192.168.10.15.
6. Packet B is forwarded to VRF Alpha-Group.

System(su)->router Services
System(su-Services)->configure
System(su-Services-config)->ip nat pool local-net 192.168.16.51 192.168.16.55
System(su-Services-config)->ip slb serverfarm local-www
System(su-Services-config-slb-sfarm)->real 192.168.16.101
System(su-Services-config-slb-real)->inservice
System(su-Services-config-slb-real)->exit
System(su-Services-config-slb-sfarm)->real 192.168.16.102
System(su-Services-config-slb-real)->inservice
System(su-Services-config-slb-real)->exit
System(su-Services-config-slb-sfarm)->real 192.168.16.103
System(su-Services-config-slb-real)->inservice
System(su-Services-config-slb-real)->exit
System(su-Services-config-slb-sfarm)->exit
System(su-Services-config)->ip slb vserver WWW
System(su-Services-config-slb-vserver)->virtual 10.21.141.100 tcp www all-vrfs
System(su-Services-config-slb-vserver)->serverfarm local-www
System(su-Services-config-slb-vserver)->source nat pool local-net
System(su-Services-config-slb-vserver)->inservice
System(su-Services-config-slb-vserver)->exit
System(su-Services-config)->