A host range allows you to easily configure a contiguous range of VIP addresses. Instead of individually
configuring each VIP address, you can configure the base VIP address (the lowest VIP address in the range), then specify how many addresses the range contains. These VIP addresses can, in turn, be mapped to a range of real server addresses. When a client requests an address in the VIP host range, the ServerIron automatically maps the VIP address to a real IP address on a real server, based on the real server address’s offset from the base VIP address.
For example, you can specify that a host range of 5 VIP addresses on a virtual server be mapped to a host range of 5 IP addresses on a real server. If the virtual server’s base IP address is 192.168.9.10 and the real server’s base IP address is 10.10.10.30, the mapping would be as follows.
Additionally, you can map a host range of VIP addresses to a host range of IP addresses on multiple real servers. For example:
With host ranges, the mapping between the host range on the virtual server and the host range on the real server(s) had to be sequential and contiguous. With the host-range map feature, addresses in the host range on the real server(s) do not need to be contiguous.
The host-range map feature allows you to select the addresses in a real server’s host range that can be mapped to addresses in the virtual server’s host range. For example, using this feature, you can establish the following mapping between a host range of VIP addresses on a virtual server and a host range of IP addresses on three real servers.
In this example, real server 1 can use addresses in its host range that are offset by 2, 3, and 4 from its base IP address to map to VIP addresses that are offset by 2, 3, and 4 from the virtual server’s base VIP address. However, the IP address in real server 1’s host range that is offset by 1 from its base IP address would not be mapped to the VIP address that is offset by 1 from the virtual server’s base VIP address.
Virtual Server VIP addresses
Offset from VIP base address Real Server IP addresses 192.168.9.11 1 10.10.10.31 192.168.9.12 2 10.10.10.32 192.168.9.13 3 10.10.10.33 192.168.9.14 4 10.10.10.34 Virtual Server VIP addresses
Offset from VIP base address Real Server 3 IP addresses Real Server 2 IP addresses Real Server 1 IP addresses 192.168.9.11 1 10.10.10.71 10.10.10.51 10.10.10.31 192.168.9.12 2 10.10.10.72 10.10.10.52 10.10.10.32 192.168.9.13 3 10.10.10.73 10.10.10.53 10.10.10.33 192.168.9.14 4 10.10.10.74 10.10.10.54 10.10.10.34
Table 3.5: VIP-to-IP address mapping using the host-range map feature Virtual Server
VIP addresses
Offset from VIP base address Real Server 3 IP addresses Real Server 2 IP addresses Real Server 1 IP addresses 192.168.9.11 1 10.10.10.51 192.168.9.12 2 10.10.10.72 10.10.10.52 10.10.10.32 192.168.9.13 3 10.10.10.73 10.10.10.33 192.168.9.14 4 10.10.10.54 10.10.10.34
You can use the host-range map feature with up to 32 real servers and host ranges of up to 255 addresses. To use the host-range map feature to establish a mapping structure like the one shown in Table 3.5, perform the following tasks:
1. Assign a unique bind-ID to each real server bound to the virtual server. Each real server must have its own bind-ID.
2. Define a host-range map, which associates each offset in a virtual server’s host range with one or more bind- IDs.
3. Apply the host-range map to the virtual server.
Assigning a Bind-ID to a Real Server
A bind-ID is a number you assign to a real server. When you configure the host range map, you refer to the real servers by their bind-IDs. Assign a bind-ID to each real server to be included in a host-range map.
For example, to implement the configuration in Table 3.5, you can assign real server 1 to bind-ID = 1, real server 2 to bind-ID = 2, and real server 3 to bind-ID = 3. The following commands configure these three real servers.
ServerIron(config)# server real rs1 10.10.10.30 ServerIron(config-rs-rs1)# host-range 5
ServerIron(config-rs-rs1)# bind-id 1 ServerIron(config-rs-rs1)# port http ServerIron(config-rs-rs1)# exit
ServerIron(config)# server real rs2 10.10.10.50 ServerIron(config-rs-rs2)# host-range 5
ServerIron(config-rs-rs2)# bind-id 2 ServerIron(config-rs-rs2)# port http ServerIron(config-rs-rs2)# exit
ServerIron(config)# server real rs3 10.10.10.70 ServerIron(config-rs-rs3)# host-range 5
ServerIron(config-rs-rs3)# bind-id 3 ServerIron(config-rs-rs3)# port http ServerIron(config-rs-rs3)# exit
Syntax: [no] host-range <number-of-addresses> Syntax: [no] bind-id <number>
The host-range <number-of-addresses> command specifies the number of IP addresses that will be included in the host range for the real server. For example, since real server rs1 has a base IP address of 10.10.10.30, the host-range 5 command causes addresses 10.10.10.30 through 10.10.10.34 to be included in the host range. You use the host range map to select individual addresses within the range and omit the addresses you want to omit. The bind-id <number> command assigns a bind-ID to each real server to be included in a host-range map. When you configure a host range map, you refer to the real servers by their bind-IDs. Each real server in a host range map must have a unique bind-ID.
Defining a Host-Range Map
The host-range map specifies which IP addresses in the host ranges of each real server you actually want to use for SLB. The map enables you to selectively include individual addresses, by specifying their offsets in the range. To define a host range map, you associate each VIP offset with one or more bind-IDs, then determine the binary representation of this association, then convert the binary representation to a hexadecimal number. You enter this hex number as part of the host-range map definition.
When defining a host-range map, it may be useful to create a table containing a row for each VIP offset and a column for each bind-ID (real server), as well as a column for the binary representation and a column for the hex
number. For each VIP offset, specify which bind-ID can use IP addresses in its host range to map to the VIP offset address. For the sample configuration in Table 3.5 on page 3-45, such a table would look like the following:
The first line of the table indicates that VIP offset 1 applies only to the real server with bind-ID = 2. Only real server 2 will map the IP address in its host range that is offset by 1 to the IP address that is offset by one from the VIP’s base IP address. The binary representation of this is “010”, which means “not bind-ID = 3, bind-ID = 2, not bind-ID = 1". The hex representation of “010” is “2”. You enter this hex number as part of the definition of the host- range map.
Using the information in Table 3.6, you would define the host-range map for the configuration in Table 3.5 on page 3-45 as follows: ServerIron(config)# vip-host-range-map 1 ServerIron(config-vip-host-range-1)# vip-offset 1 2 ServerIron(config-vip-host-range-1)# vip-offset 2 7 ServerIron(config-vip-host-range-1)# vip-offset 3 5 ServerIron(config-vip-host-range-1)# vip-offset 4 3 ServerIron(config-vip-host-range-1)# exit
Syntax: [no] vip-host-range-map <map-number>
Syntax: [no] vip-offset <vip-offset-number> <hex-number>
The default behavior (without a host-range map definition) is to bind each VIP address offset from the virtual server’s base address to the comparable offset address on each of the real servers. In the sample configuration, the host-range map definition for VIP offset 2 specifies that addresses from all three real servers be included in the bindings. Since this is the default behavior, the vip-offset 2 7 command in the host-range map definition can be omitted.
Applying the Host-Range Map to the Virtual Server
After you assign the bind-IDs to the real servers and create a host-range map, you apply the host-range map to the virtual server.
For example, to apply host-range map 1 to virtual server vs1, enter commands such as the following:
ServerIron(config)# server virtual vs1 192.168.9.10 ServerIron(config-vs-vs1)# host-range 5
ServerIron(config-vs-vs1)# host-range-map 1 ServerIron(config-vs-vs1)# port http
ServerIron(config-vs-vs1)# bind http rs1 http rs2 http rs3 http
Syntax: [no] host-range-map <map-number>
Table 3.6: Determining a host-range map VIP Offset Bind to Bind ID = 3 Bind to Bind ID = 2 Bind to Bind ID = 1 Binary Representation Hex Number 1 X 010 2 2 X X X 111 7 3 X X 101 5 4 X X 011 3
Disabling Overlap Checking
If you are using SwitchBack (sometimes called "Direct Server Return"), you configure a separate loopback interface on each real server for the VIP’s base address and also for each additional address in the host range you want to use on the real server.
The ServerIron sends the client traffic to the real server without translating the destination address. The real server receives the client traffic addressed to a loopback address configured on the server and responds directly to the client.
Normally, the CLI checks for address range overlaps when you configure a real server. For example, if real server abc has management IP address 10.10.10.10 and a host range of 5, the CLI assumes that the real server also will have addresses 10.10.10.11 – 10.10.10.14. If you then try to configure real server def with management IP address 10.10.10.12, the CLI detects an address overlap, since 10.10.10.12 is within the range specified for abc, and displays an error message instead of accepting the configuration. Here is an example:
ServerIron(config)#server real def 10.10.10.12 duplicate IP address !!!
Error - Failed to create real server
The overlap check is not applicable to SwitchBack configurations since the addresses in the range are not going to be configured on the real server. For example, if the VIP is 192.168.9.10 with a range of 5, you need to configure loopback interfaces 192.168.9.10 – 192.168.9.14 on each real server. You do not need to configure a range beginning with the real server’s management IP address.
For a SwitchBack configuration, if the management IP address of a real server is within the host range on another real server (even though the addresses in the range will not actually be configured on the real server), you need to disable overlap checking.
NOTE: Do not disable overlap checking unless you are configuring a host range in a SwitchBack configuration. If the configuration is not SwitchBack, disabling overlap checking can cause the feature to work incorrectly. To disable overlap checking, enter the following command:
ServerIron(config)#server no-host-range-ip-check
Syntax: [no] server no-host-range-ip-check.
After you disable the range check, use the commands described in the previous section to configure the real servers, bind-IDs, VIP, and host range map.