Alteon One-Armed Issues

[wolfewlu]

Hello all,

I have an issue with a one-armed Alteon setup, that I can't find an
answer to anywhere. Any help is greatly appreciated. The setup is
this: I have an Alteon 180e in one-armed mode with four ports
connected to 4 different subnets (each port is on a different tagged
VLAN). I have assigned a PIP to each port as well. The SLB groups
(VIPs) I have setup work when connected to by other computers on the
same VLAN/subnet, but when connecting to a VIP from a different subnet
the TCP connection is accepted but no traffic flows. I have inserted
my config below. Any suggestions? Thank you very much in advance!

Best Regards,
Jason Williams


----ALTEON CONFIG----
script start "Alteon 180e" 4 /**** DO NOT EDIT THIS LINE!
/* Configuration dump taken 17:26:04 Mon Nov 15, 2004
/* Version 10.0.30, Base MAC address
/c/sys
snmp w
/c/snmp
name "EXMP"
locn "TESTLAB"
cont "jasonjwwilliams@gmail.com"
rcomm "read"
wcomm "write"
/c/port 1
tag ena
pvid 4004
/c/port 1/fast
speed 100
fctl both
mode full
auto off
/c/port 1/gig
fctl both
auto off
/c/port 2
tag ena
pvid 4001
/c/port 2/fast
speed 100
fctl both
mode full
auto off
/c/port 2/gig
fctl both
auto off
/c/port 3
tag ena
pvid 4002
/c/port 3/fast
speed 100
fctl both
mode full
auto off
/c/port 3/gig
fctl both
auto off
/c/port 4
tag ena
pvid 4005
/c/port 4/fast
speed 100
fctl both
mode full
auto off
/c/port 4/gig
fctl both
auto off
/c/vlan 1
def 5 6 7 8 9
/c/vlan 4001
ena
name "arm1"
def 2
/c/vlan 4002
ena
name "arm2"
def 3
/c/vlan 4004
ena
name "arm3"
def 1
/c/vlan 4005
ena
name "arm4"
def 4
/c/stp 1/off
/c/stp 2/clear
/c/stp 2/add 4001
/c/stp 3/clear
/c/stp 3/add 4002
/c/stp 4/clear
/c/stp 4/add 4004
/c/stp 5/clear
/c/stp 5//add 4005
/c/ip/if 1
ena
addr 192.168.23.220
mask 255.255.255.0
broad 192.168.23.255
vlan 4004
/c/ip/if 2
ena
addr 192.168.40.101
mask 255.255.255.248
broad 192.168.40.103
vlan 4001
/c/ip/if 3
ena
addr 192.168.30.220
mask 255.255.255.0
broad 192.168.30.255
vlan 4002
/c/ip/if 4
ena
addr 192.168.40.124
mask 255.255.255.240
broad 192.168.40.127
vlan 4005
/c/ip/gw 1
ena
addr 192.168.23.1
/c/slb
on
/c/slb/adv
direct ena
matrix dis
/c/slb/real 1
ena
rip 192.168.23.103
maxcon 10000
inter 10
/c/slb/real 2
ena
rip 192.168.23.104
maxcon 10000
inter 10
/c/slb/real 3
ena
rip 192.168.23.105
maxcon 10000
inter 10
/c/slb/real 4
ena
rip 192.168.23.106
maxcon 10000
inter 10
/c/slb/real 5
ena
rip 192.168.40.99
maxcon 10000
inter 10
/c/slb/real 6
ena
rip 192.168.40.100
maxcon 10000
inter 10
/c/slb/real 7
ena
rip 192.168.30.4
maxcon 10000
inter 10
/c/slb/real 8
ena
rip 192.168.30.5
maxcon 10000
inter 10
/c/slb/real 9
dis
rip 192.168.30.6
maxcon 10000
inter 10
/c/slb/real 10
dis
rip 192.168.30.7
maxcon 10000
inter 10
/c/slb/real 11
ena
rip 192.168.30.8
maxcon 10000
inter 10
/c/slb/real 12
ena
rip 192.168.30.9
maxcon 10000
inter 10
/c/slb/real 13
ena
rip 192.168.40.116
maxcon 10000
inter 10
/c/slb/real 14
ena
rip 192.168.40.117
maxcon 10000
inter 10
/c/slb/group 1
metric roundrobin
add 1
add 2
/c/slb/group 2
metric roundrobin
health ldap
add 3
add 4
/c/slb/group 3
health smtp
add 5
add 6
/c/slb/group 4
health arp
add 7
add 8
add 9
add 10
/c/slb/group 5
add 11
add 12
/c/slb/group 6
health http
add 13
add 14
/c/slb/port 1
client ena
server ena
proxy ena
pip 192.168.23.221
/c/slb/port 2
client ena
server ena
proxy ena
pip 192.168.40.102
/c/slb/port 3
client ena
server ena
proxy ena
pip 192.168.30.221
/c/slb/port 4
client ena
server ena
proxy ena
pip 192.168.40.125
/c/slb/virt 1
ena
vip 192.168.23.222
dname "gmail.com"
/c/slb/virt 1/service 3306
group 1
hname vserv1
/c/slb/virt 2
ena
vip 192.168.23.223
dname "gmail.com"
/c/slb/virt 2/service ldap
group 2
hname vserv2
/c/slb/virt 2/service 636
group 2
hname cls
/c/slb/virt 3
ena
vip 192.168.40.98
dname "gmail.com"
/c/slb/virt 3/service smtp
group 3
hname vserv3
/c/slb/virt 4
ena
vip 192.168.30.222
dname "gmail.com"
/c/slb/virt 4/service 92
group 4
hname vserv4
/c/slb/virt 5
ena
vip 192.168.30.223
dname "gmail.com"
/c/slb/virt 5/service smtp
group 5
hname vserv5
/c/slb/virt 6
ena
vip 192.168.40.115
dname "gmail.com"
/c/slb/virt 6/service http
group 6
hname vserv6
/c/slb/virt 6/service https
group 6
hname vserv7
/c/slb/adv
ldapver 3
/
script end /**** DO NOT EDIT THIS LINE!

 

[leedsit]

Hi,

You state that remote ( non local subnets ) clients dont seem to be working. Which port on the Alteon are they connecting through????

 

[wolfewlu]

Hi,

I seem to have it somewhat working now in one-armed mode (the issue was somewhat related to something else). However, I have a new problem. I have two gateways set (one for each subnet that needs to talk externally, two of the subnets do not need to talk to the outside world). However, with both gateways enabled only the #1 gateway is used. So any traffic that comes in on Port 4 gets replies sent out on Port 2. And any traffic that comes in on Port 2 gets sent out on Port 2 (which is correct). If I swap the order of the gateways, then traffic that comes in on Port 2 gets replies from the Alteon on Port 4 (Port 4 traffic goes out Port 4). What I need is to ensure that traffic from the Internet that comes in Port 2 get replies out Port 2, and that traffic from the Internet that comes in Port 4 gets replies out Port 4. How can I force each port to use a different default gateway?

Thanks in advance,
Jason

 

[leedsit]

Hi,

Normally ( I use alteon 2424SSL`s ) the first 4 Gateways are DEFAULT gateways, should any vlan not have a gateway assigned, or should a gateway fail, then they will automatically use Gateways 1-4 in order, hence you dont assign VLANS`s to gateway number 1-4. However 5 and upwards can be assigned to vlans, and they will only be used by that vlan.

EG

Gateway 5 192.168.0.1 vlan 1
Gateway 6 192.167.0.1 vlan 2
Gateway 7 192.169.0.1 vlan 3

However if you add
Gateway 1 192.170.0.1 <vlan is not an option>
then any vlan that does not have a gateway assigned OR should one of the gateways above fail, then it will use Gateway 1 ( in this case ) to 4.

Hope this helps.