NetIQ docs state that if you are load balancing your IDS/AG stuff,
the IDS and AG cluster server members need to be on separate
switches/networks so that the two cluster sets cannot talk directly to
each other.

The issue is that we are consolidating all our physical machines into a
set of VMware hosts on an HP FlexFabric chassis, so as a result, there's
only one physical cable where the VLANs reside.

Further, our existing IDS/AG servers are on the same VLANs (just
currently on different switches). Creating like 8 new VLANs for all our
cluster servers is not an option.

I'll use just one setup as an example: = = = =

The Cisco CSS (load balancer) VIPS correspond to the DNS entries: = (VIP on the CSS for the IDS servers) = (VIP on the CSS for the AG cluster servers)

Now, I was told by 2 people that you could use ARP table overrides in
the SLES OS so that you no longer needed to use separate physical
switches/networks anymore?

While this may be an OS/networking question, I figured I'd ask here
since it's kinda NAM specific.

