1. Home
  2. Cisco Systems
  3. Cisco SLB: Duplicate Address

Cisco SLB: Duplicate Address

I have a Cisco 3640 (IOS 12.4.12) where I have configured SLB to load balance two apache servers.

Here is a configuration extract (I have replaced real IPs with letters):

ip slb serverfarm WEBFARM real x.y.z.A faildetect numconns 3 numclients 1 retry 180 inservice real x.y.z.B faildetect numconns 3 numclients 1 retry 180 inservice

ip slb vserver VIRT_TCP_00 virtual x.y.z.C tcp 0 serverfarm WEBFARM idle 600 inservice ! ip slb vserver VIRT_UDP_00 virtual x.y.z.C udp 0 serverfarm WEBFARM idle 600 inservice !

formatting link
will resolve to x.y.z.C

real hosts A and B have

ifconfig lo:1 x.y.z.C netmask 255.255.255.255

In theory the router shoud learn which mac addresses A and B have and forwards packets for x.y.z.C to either A or B

However, it appears that sometimes it complains as follows:

Dec 18 00:20:00 router 316: 000322: Dec 18 00:20:00.082 GMT: %IP-4-DUPADDR: Duplicate address x.y.z.C on BVI1, sourced by

0010.1010.1001

0010.1010.1001 is the mac address that belongs to x.y.z.B

the message varies reporting either A or B.

Has anyone else had a similar problem with SLB? How do I resolve this issue?

HD

Reply to
haydude
Loading thread data ...

%IP-4-DUPADDR: Duplicate address [IP_address] on [chars], sourced by [enet]

Another system is using your IP address.

Cisco Recommends:

Change the IP address of one of the two systems.

Hope this helps.

Brad Reese

formatting link

Reply to
www.BradReese.Com

Of course, that is the way SLB works assigning the same IP to two hosts' lo:1 interfaces with netmask 255.255.255.255. The router will forward packets to the hosts' mac address (level 3).

I am not sure it does ..., please could you elaborate?

HD

Reply to
haydude

According to Cisco TAC here are the IOS SLB supported platforms:

In 12.3 and 12.3T, 3640/3660, 3725/3745, 7200.

In 12.2S, 7200/7300/7400, native C6K.

Sincerely,

Brad Reese Global Cisco TAC Contacts

formatting link

Reply to
www.BradReese.Com

I've seen this when a redundant slb config on another device became operational at te same time.

BernieM

Reply to
BernieM

We sometimes have the same problem on a C6K with 12.2(18)SXF4 and no solution yet.

Regards

Lothar Hofmann

Lothar Hofmann Mail: snipped-for-privacy@uni-siegen.de Universitaet Siegen ZIMT Zentrum fuer Informations- und Medientechnologie Hoelderlinstr. 3 Phone: +49 271 740 4760 D - 57068 Siegen Fax: +49 271 740 2523

Reply to
Lothar Hofmann

Hi

stupid question - why would you need a loopback interface configured on hosts? Do you balance ftp too? AFAIK "dispatched mode" (that's what loopback is for) is only the requirement for FTP.

get rid of loopbacks on the hosts. and if its really a WEBFARM - get rid of "ip slb vserver VIRT_UDP_00" too

just my 2c Roman Nakhmanson

Reply to
nakhmanson

having a loopback adddress the same as the vip is required when client ip addresses are not being natted and the server rersponds directly to the client. This is for any protocol not just ftp.

BernieM

Reply to
BernieM

Bernie you are right. "nat server" has be present in order to work without loopback. FTP works only in dispatched mode. had to read about SLB again, thanks

Roman Nakhmanson

Reply to
nakhmanson

I do not need FTP in particular, however, reading from Cisco's documentation, in this way (no NAT) we shoud be getting a better performance. Our 3640 do not do much: beyond SLB, it handles two high speed ADSL links ~5 Mbit/s each, Firewall, IDS, yet when downloading large files from one of the DSL lines the CPU goes up to 96% average very quickly. Therefore we thought that NAT (which is handled instead by another inside router for our intranet) would not be a good choice for the web servers that in our case have real IPs.

We observed that without UDP (port 80) the response time on the client side can be worse, though we do not know why. We suppose it can be down to dropped TCP connections.

Reply to
haydude

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.