ACE 4710 Can not confirm http cookie sticky connections

We are using an ACE 4710 with the A3(2.6) software release.
I had to change our sticky load balancing method for HTTPS to cookie based.
However, while connections appear to work, if I look at the show sticky database table I can not see or confirm sticky entries for the cookie based connections.
Here are config snippets to show the config:
sticky http-cookie ghh-www scook-ghh
  cookie insert browser-expire
  serverfarm ghh-www-443
class-map match-all ghh-www-443_CLASS
  2 match virtual-address 172.16.1.21 tcp eq https
class-map type http loadbalance match-any ghh-www-443_CLASSURL
  2 match http url [.]*
policy-map type loadbalance first-match ghh-sticky-443_POLICY
  class class-default
    sticky-serverfarm scook-ghh
policy-map multi-match POLICY
  class ghh-www-443_CLASS
    loadbalance vip inservice
    loadbalance policy ghh-sticky-443_POLICY
    loadbalance vip icmp-reply active
    appl-parameter http advanced-options CASE_PARAM

Another point: please check whether your servers are listening only for HTTPS traffic or also for HTTP traffic:
- In the first case the ACE will have to decrypt the traffic from the client, inspect the HTTP header to take the load-balancing decision, and then re-encrypt it and send it to the server.
- In the second case the ACE would have to decrypt the traffic from the client, inspect the HTTP header to take the load-balancing decision, and send it out as it is, unencrypted, to the server.
The second solution would have the benefit of being easier to configure and of requiring fewer resources both on the ACE (only decryption to be performed) and on the servers (no need for SSL operations at all there), but it might be that your company or business sector has requirements for which this traffic should never flow unencrypted, in which case you would have to go for the first solution.
Here you have a config example for the first solution:
http://www.cisco.com/en/US/products/hw/modules/ps2706/products_configuration_example09186a00809c6f37.shtml
I would not expect you to have to pay extra for importing the cert and key pair into the ACE; it would be just a copy. However, as Alex said, that may still depend on the license agreement with the CA.
Cheers,
Francesco

Similar Messages

  • Http cookie stickiness

    Hi,
    I have an HTTP session between the Web Server farm and the Application Server farm.
    After the first HTTP request, the Application Server sends this packet (see file http_header.txt).
    So, I configured HTTP cookie stickiness with dynamic cookie learning:
    sticky http-cookie JSESSIONID Cookie-Bea-Group
      cookie offset 0 length 64
      timeout 70
      timeout activeconns
      replicate sticky
      serverfarm BEA8-SFARM-3
    But it doesn't work. But if the web server receives an answer from the Application Server with only one Set-Cookie
    Set-Cookie:JSESSIONID=xxxxx
    it works.
    If there are two Set-Cookie headers in the HTTP header, it doesn't work.
    I need to stick the session based only on the JSESSIONID cookie.
    Is it possible and how?
    Thanks
    Dino

    Hi Dear,
    The ACE appliance/module has the dynamic cookie feature.
    You then just need configure the cookie name and the box does the rest.
    When static cookies are used there will only be one entry in the cookie database per real server. So, if ace-cookie is the only cookie defined and there are two servers, there will only be two entries in the sticky database, even if there are thousands of user sessions.
    Dynamic cookie learning is another option for keeping the SAP session persistent. The sticky table can hold a maximum of four million dynamic entries (four million simultaneous users). The key is choosing the right cookie name.
    Let's take an example: SAP sets a number of cookies for various purposes (note the ace_cookie was set by Cisco ACE using cookie insert, not SAP), but the saplb_* cookie is set by SAP specifically for load-balancers. It has the format saplb_=()[].
    Here, the cookie value also helps to verify which server instance and physical node you are connected to.
    The configuration process for cookie learning is similar, with a few changes in the syntax.
    Example configuration:
    sticky http-cookie saplb_* ep-cookie
      replicate sticky
      serverfarm EP-HTTP
    policy-map type loadbalance http first-match ep-policy
      class class-default
        sticky-serverfarm ep-cookie
    In the above examples, the replicate sticky command is used so that the cookie information is replicated to the standby Cisco ACE context. With this implementation, session persistence is maintained in the event of a failover. The default timeout is one day.
    The show sticky data command retrieves the active sticky entries that have been dynamically learned. The value shown is not the actual cookie value, but a function of it created by Cisco ACE.
    Example configuration:
    switch/SAP-Datacenter# show sticky data
    sticky group : ep-cookie
    type         : HTTP-COOKIE
    timeout      : 100          timeout-activeconns : FALSE
      sticky-entry          rserver-instance                 time-to-expire flags
      ---------------------+--------------------------------+--------------+-------+
      6026630525409626373   SAP-EP:50000                     5983
    Load Balancing Identifier
    The Load Balancing Identifier used for Load balancing to Web AS Java instances has the following syntax.
    saplb_=()[]
    The cookie is set on path=”/” and domain=.
    The same syntax applies if the identifier is used via url rewriting.
    The applies only to the J2EE Engine where session stickiness on a process (JVM) level is required. The uniquely identifies a set of instances. If there are no special group definitions then the special group identifier '*' is used. This will be the case for a default installation.
    The SAP Web Dispatcher checks for path prefix match and thereby determines group name. This allows to obtain from the set of dispatch cookies or to do initial load balancing for the group. The Java dispatcher receives the request and also checks for the group. The Java dispatcher then reads from the appropriate dispatch cookie or performs initial dispatch on his local nodes.
    The CSS does not have the possibility to learn dynamic cookie value created on the server.
    So, you can either use arrowpoint cookies which is quite simple or have your server team add a static value to the jsessionid in order to identify the server.
    We can then configure the CSS to locate this static value and match it to a service.
    If possible kindly rate.
    Keep in touch.
    Kind regards,
    Sachin Garg
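
Added illustration for this thread (not ACE code and not from the posts above): a small Python model of the two points discussed here, selecting one named cookie such as JSESSIONID out of several Set-Cookie headers with an offset and length, and why cookie insert leaves one sticky entry per real server while dynamic learning leaves one per session. The hash in `entry_id`, the server names and the cookie values are constructed assumptions.

```python
import hashlib
from itertools import cycle


def sticky_key(set_cookie_values, name, offset=0, length=64):
    """Return value[offset:offset+length] of cookie `name`, or None.

    `set_cookie_values` holds the value of every Set-Cookie header in one
    response, so unrelated cookies are skipped instead of being mistaken
    for the sticky cookie.
    """
    for header in set_cookie_values:
        pair = header.split(";", 1)[0]            # drop Path, HttpOnly, ...
        cname, sep, value = pair.partition("=")
        if sep and cname.strip() == name:
            return value.strip()[offset:offset + length]
    return None


def entry_id(key):
    """Stand-in for the device's internal function of the cookie value.
    Assumption: the real function is not given on the page."""
    return int.from_bytes(hashlib.sha256(key.encode()).digest()[:8], "big")


class StickyTable:
    def __init__(self):
        self.entries = {}                         # entry id -> rserver

    def bind(self, key, rserver):
        self.entries.setdefault(entry_id(key), rserver)

    def lookup(self, key):
        return self.entries.get(entry_id(key))


def run_cookie_insert(rservers, n_sessions):
    """Static mode: one inserted cookie value per rserver, created up front."""
    table = StickyTable()
    for rs in rservers:
        table.bind("R-" + rs, rs)                 # constructed cookie value
    picks = cycle(rservers)
    for _ in range(n_sessions):                   # sessions reuse those entries
        rs = next(picks)
        if table.lookup("R-" + rs) != rs:
            raise RuntimeError("session not pinned to its server")
    return len(table.entries)


def run_dynamic_learning(rservers, n_sessions, cookie_name="JSESSIONID"):
    """Dynamic mode: one entry is learned per server-issued session cookie."""
    table = StickyTable()
    picks = cycle(rservers)
    for i in range(n_sessions):
        rs = next(picks)
        response = [                              # constructed response headers
            f"tracking=t{i}; Path=/",
            f"{cookie_name}=sess-{i:06d}!{rs}; Path=/; HttpOnly",
        ]
        table.bind(sticky_key(response, cookie_name), rs)
    return len(table.entries)


if __name__ == "__main__":
    print("cookie insert entries:", run_cookie_insert(["web1", "web2"], 1000))
    print("dynamic entries:      ", run_dynamic_learning(["web1", "web2"], 1000))
```

With two real servers and 1000 sessions, the static table stays at two entries, which matches a sticky database that shows no per-connection entries when cookie insert is in use.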

  • Can not confirm the qty in schedule line in MTO case

    Hi All,
    I used item category ZTAN for Make-to-order purpose when I create the sales order. I set the KEVV for ZTAN in requirement assignment and requirement class 060 is assigned to KEVV. In 060 I set the availability is false, requirement transfer is true and Allocation Indicator = 3.
    Then I do the below transactions in SAP:
    1/Create sales order
    2/Run MRP
    3/Generate the production order
    4/GR against production order
    5/Create delivery note
    By the way, the strategy group for my finished goods is 40.
    But in step 5, the system tells me that there is no confirmed qty in the order schedule line, so I can not create the Delivery. I go back to the sales order and check the schedule line, but when I press the button of Item Availability, the system can not confirm the qty for the schedule line. Does anyone know what the problem is in my settings or operations? I will appreciate any feedback. Thank you in advance.
    Joe

    Hi Friends,
    Any comments please? It is quite urgent.
    BR
    Joe

  • Safari Version 6.0 (8536.25) Can not remember my cookie! How is that?

    Safari Version 6.0 (8536.25) Can not remember my cookie! How is that?

    Check your Safari>Preferences>Security>Cookies

  • I can not get the iPad to connect to the internet thru the router it shows the modem but will not connect

    I can not get the iPad to connect to the internet thru the router. It shows the modem but will not connect; it keeps saying choose a network, and the IP address it automatically puts in is wrong?

    Look at iOS Troubleshooting Wi-Fi networks and connections  http://support.apple.com/kb/TS1398
    Additional things to try.
    Turn Off your iPad. Then turn Off (disconnect power cord) the wireless router & then back On. Now boot your iPad. Hopefully it will see the WiFi.
    On your iPad go to Settings > General > Reset > Reset network settings and see if that enables you to connect.
    If none of the above suggestions work, look at this link.
    iPad Wi-Fi Problems: Comprehensive List of Fixes
    http://appletoolbox.com/2010/04/ipad-wi-fi-problems-comprehensive-list-of-fixes/
     Cheers, Tom

  • Hi, I reset my iphone 3gs, and it brought an apple logo on the screen so I restored it to version 6.0 but it can not accept a sim or connect to itunes for activation. What do I do, please help me

    Hi, I reset my iPhone 3GS, and it brought an Apple logo on the screen so I restored it to version 6.0 but it can not accept a SIM or connect to iTunes for activation. What do I do, please help me

    See Here  >  http://support.apple.com/kb/HT1808
    You may need to try this More than Once...
    But... if the Device has been Modified... this will Not necessarily work.

  • Hi I can not get my printer to connect to the internet.

    Hi
    I can not get my printer to connect to the internet. it is connected to my network according to wifi test printout but my computer can not find it.
    When I try to download apps directly from the printer it says that it is not connected to the internet.
    I have an airport extreme + 3 airport express a macbook pro and printer is an HP 7510e
    I see the printer on the first page in the airport utility when I click on my airport extreme.so it is online but nothing happens when I try to print.
    Please help me

    Hi all,
    Guess I understand what is going on as I'm also experiencing the problem.
    Basically the issue is about the iPhone 4's personal hotspot.
    I'm trying to hook on personal hotspot to my toshiba laptop but it couldnt work as the connection is limited to local only without Internet access.
    The hotspot works well on other laptop and I-devices, but not my toshiba...
    Hope to get assistance here. Thanks

  • I can not listen music if I connect a ipod from line-in on my Satellite P200

    I can not listen to music if I connect an iPod from line-in on my Satellite P200. I can only register music from line-in. Why?
    Thank you in advance
    lillo

    >I can not listen music if I connect a ipod from line-in on my Satellite P200
    I am not an iPod owner but I'm really wondering why you cannot do this. As far as I know you should have a USB cable that allows you to connect the iPod to your notebook using the USB port on your notebook.
    The iPod should be recognized and listed in Windows Explorer so you should have access to all saved data there.
    If this works, open all mp3 files saved on the iPod using Windows Media Player or some other player like Winamp and enjoy your music.
    Does it work or not?

  • Can not get my MacPro to connect to iCloud

    I can not get my MacPro to connect to iCloud.  It tries periodically but returns the message "This Mac can't connect to iCloud because of a problem with [my account]@aim.com."  This aim.com address is one I have not used in years. I have tried to purge all references to this address in my system but must have missed some.  How do I correct this?

    This aim.com address is one I have not used in years.
    Is it still functional ? iCloud sends a welcome mail to this adress. Look for it.

  • I can not pick up a wifi connection anywhere

    I've just got the iPhone 5 and for some reason I can not pick up a WiFi connection anywhere? I've tried it at work where everyone is connected to it and mine will not pick it up, please help

    If the Start Firewall button is grey (inactive) check to see if the pad lock is "locked" in the lower left corner of the screen.  If so, click it and enter the Administrator password to unlock it.  Then you can start the firewall.
    Hope this helps.

  • I can not access the hard drive connected to my airport extreme!  Any thoughts?

    I can not access the hard drive connected to my airport extreme.  When I use the finder to connect a server and type in the IP of the a. extreme, 10.0.1.1 it does not work and I get an error message.
    Any thoughts.
    A

    Is the hard drive formatted for Mac in Mac OS Extended (Journaled)?
    If yes, you may need to use a powered USB hub since the USB port on the AirPort Extreme is under powered and it is often necessary to use a powered hub....even if the hard drive has its own power supply
    If both items check out above.....have you checked Finder Preferences to make sure that "Connected Servers" will be displayed?
    Finder Preferences > General > Show These Items on the Desktop > Connected Servers
    Then with the Finder menus displayed at the top of the screen click the Go menu
    Click Network and the AirPort Extreme icon should be displayed
    Double click the icon to mount the drive on the desktop

  • I can not get my iPod to connect with my computer using a usb cord

    I can not get my iPod to connect with my computer using my USB cord?

    Hi starhalcomb,
    I'm sorry to hear you are having issues with your iPod touch. I also apologize, I'm a bit unclear on your exact configuration. If you are having issues with your iPod touch not being recognized in iTunes when you connect via USB, you may find the information and troubleshooting steps outlined in one of the following articles helpful:
    iPhone, iPad, or iPod not recognized in iTunes for Windows - Apple Support
    If you don't see your connected device in iTunes for Mac - Apple Support
    Regards,
    - Brenden

  • ACE 4710 - can I dynamically sticky all traffic to 1 server based on URL?

    Hello all, I'm new to the ACE 4710 and need to know some details about stickiness.
    As background, we are a small company with a SaaS product and a pair of webservers.
    I have set up the load-balancing default L7 Load-balancing rule to sticky based on a Cookie based Sticky Group.
    That seems to be working and session traffic is sticking to a server during the user's session.
    Based on a request from our outsourced developer, they would like the load balancer to not only sticky the users' sessions, but also sticky a URL to a server.
    I would like this to happen dynamically as each of our clients will have their own URL based on our standard domain like clientname.fixeddomain.com and I don't want to have to come back to the load balancer every time we add a client.
    As I said, I'm new to these devices but understand the concepts, and am in the position of having to make it work with little to no training on this hardware and no budget at this point to pay someone else for configuration and setup.
    I just need to know at this point if I can stick all requests for a specific URL to a server to avoid caching issue while those sessions are active and have new connections to other client urls balanced among the webservers.
    Hopefully this request makes sense.
    Thanks,
    Mark Steeves.

    Daniel,
    Thanks for the reply, but I cannot reach the URL you included.  It gives me a 403.
    Therefore, without reading the article, I wanted to ask if the proper setup would be:
    1. Default L7 load-balancing action: Primary action: Sticky: Sticky Group using
    Type = HTTP Header: Header name = Host
    2. Server Farm: Predictor: Least Connections or Round Robin to distribute the load between the 2 web servers.
    Using this setting in testing, it looks like all the traffic keeps going to 1 server only.  Granted there is not much traffic to the servers, but I have 2 different URLs being tested: url1.ourdomain.com & url2.ourdomain.com
    If you have another link for the above document, please let me know.
    Thanks,
    Mark Steeves.

  • ACE 4710 is not working

    Hi. I'm working on the Cisco ACE 4710 to be able to load balance web traffic between several web servers, but despite following the steps mentioned in the Cisco configuration guide (especially this link and related docs: http://docwiki.cisco.com/wiki/Cisco_ACE_4700_Series_Appliance_Quick_Start_Guide,_Release_A3(1.0)_--_Creating_a_Virtual_Context) we did not manage to make it work. We tested both the "bridged scenario" and the "routed scenario" but neither of them is working. Specifically, "configuring NAT" in the above link is very confusing and not clear, because it's not the same as Cisco IOS, which we used to implement it that way.
    Routed Scenario:
    ==========================================
    probe http Http_Probe
      description Server Healty Check
      port 80
      request method head url /index.htm
    probe icmp ICMP_Check
      interval 10
      passdetect interval 5
    rserver host NetCad_Server_1
      ip address 172.16.1.100
      probe ICMP_Check
      inservice
    rserver host NetCad_Server_2
      ip address 172.16.1.101
      probe ICMP_Check
      inservice
    rserver host NetCad_Server_3
      ip address 172.16.1.102
      probe ICMP_Check
      inservice
    serverfarm host NetCad_Servers
      probe Http_Probe
      rserver NetCad_Server_1 80
        inservice
      rserver NetCad_Server_2 80
        inservice
      rserver NetCad_Server_3 80
        inservice
    sticky http-cookie Cookie1 1
      serverfarm NetCad_Servers
    class-map match-all VS_NetCad
      2 match virtual-address 192.168.13.162 255.255.252.0 tcp any
    policy-map type management first-match mgmt-pm
      class class-default
        permit
    policy-map type loadbalance first-match VS_NetCad-l7slb
      class class-default
        serverfarm NetCad_Servers
    policy-map multi-match int40
      class VS_NetCad
        loadbalance vip inservice
        loadbalance policy VS_NetCad-l7slb
        loadbalance vip icmp-reply
    interface vlan 40
      description Client Side
      ip address 192.168.13.161 255.255.252.0
      ip options allow
      no normalization
      no icmp-guard
      access-group input Permit_ALL
      service-policy input mgmt-pm
      service-policy input int40
      no shutdown
    interface vlan 41
      description Server Side
      ip address 172.16.1.1 255.255.255.0
      ip options allow
      no normalization
      no icmp-guard
      access-group input Permit_ALL
      nat-pool 1 172.16.1.110 172.16.1.110 netmask 255.255.255.255 pat
      service-policy input mgmt-pm
      no shutdown
    ip route 0.0.0.0 0.0.0.0 192.168.12.1
    ==========================================

    Hi,
    Let me explain.
    Assuming client IP as 1.1.1.1, VIP as 2.2.2.2 and Real Server as 3.3.3.3
    Consider the simple situation where the client needs to access an application hosted on 3.3.3.3. The client sends a request which comes to the VIP:
    src 1.1.1.1 -----> dst 2.2.2.2
    The ACE, after matching conditions and taking the LB decision, decides to send it to the 3.3.3.3 real server. It performs destination NAT and forwards the client request to 3.3.3.3. So the above packet's L3 header will now look like:
    src 1.1.1.1 -----> dst 3.3.3.3
    When the reply comes from the server, the ACE will change src 3.3.3.3 back to 2.2.2.2 and forward the request to client 1.1.1.1. SIMPLE LB.
    Now comes a situation where let's say you want to hide the client IP from server or let's say server's default GW is not ACE or client and server are in same subnet but need to communicate through VIP on ACE etc.
    Src 1.1.1.1 dst 2.2.2.2
    After LB ace decides to send it to 3.3.3.3 but also policy multi match has nat rule (nat dynamic 1 vlan x). But packet would be forwarded from server vlan where you have NAT pool defined. So let's say pool IP is 3.3.3.4. So ACE will perform both destination as well as src NAT here before forwarding the packet to server and packet L3 header will look like:
    src 3.3.3.4 ----->dst 3.3.3.3
    Now when 3.3.3.3 has to send packet back, ACE will answer ARP for 3.3.3.3 and hence packet will come back to ACE which will again change the L3 header IP's and send it out the client VLAN towards client.
    So NAT is always applied to server side vlan and  that's why pool is  chosen from server side subnet.
    Let me know if you have any questions.
    Regards,
    Kanwal
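
Added illustration of the packet rewriting described in the reply above (not ACE code and not part of the original post): a toy connection tracker using the reply's addresses 1.1.1.1, 2.2.2.2, 3.3.3.3 and pool IP 3.3.3.4, with and without source NAT. The /24 server subnet, the gateway 3.3.3.254 and the port numbers are constructed assumptions.

```python
import ipaddress
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport")


class LoadBalancer:
    """Destination NAT always; source NAT with port translation if pool_ip is set."""

    def __init__(self, vip, rserver, pool_ip=None):
        self.vip, self.rserver, self.pool_ip = vip, rserver, pool_ip
        self.conns = {}           # expected reply 4-tuple -> original client packet
        self.next_port = 1024     # constructed first PAT source port

    def to_server(self, pkt):
        if pkt.dst != self.vip:
            raise ValueError("not addressed to the VIP")
        src, sport = pkt.src, pkt.sport
        if self.pool_ip:          # hide the client behind the pool address
            src, sport = self.pool_ip, self.next_port
            self.next_port += 1   # a distinct port keeps clients apart on one pool IP
        out = Packet(src, sport, self.rserver, pkt.dport)
        self.conns[(out.dst, out.dport, out.src, out.sport)] = pkt
        return out

    def to_client(self, reply):
        orig = self.conns.get(tuple(reply))
        if orig is None:
            return None           # no connection state for this reply
        # Restore the VIP as source and the real client as destination.
        return Packet(orig.dst, orig.dport, orig.src, orig.sport)


def server_reply(pkt):
    """The real server answers by swapping source and destination."""
    return Packet(pkt.dst, pkt.dport, pkt.src, pkt.sport)


def reply_next_hop(reply, server_subnet, default_gw):
    """On-link destinations are resolved by ARP; the rest go to the gateway."""
    on_link = ipaddress.ip_address(reply.dst) in ipaddress.ip_network(server_subnet)
    return "arp:" + reply.dst if on_link else "gw:" + default_gw


def demo(pool_ip, default_gw="3.3.3.254", subnet="3.3.3.0/24"):
    lb = LoadBalancer("2.2.2.2", "3.3.3.3", pool_ip)
    fwd = lb.to_server(Packet("1.1.1.1", 40000, "2.2.2.2", 80))
    reply = server_reply(fwd)
    return fwd, reply_next_hop(reply, subnet, default_gw), lb.to_client(reply)


if __name__ == "__main__":
    for pool in (None, "3.3.3.4"):
        fwd, hop, back = demo(pool)
        print(f"pool={pool}: to server {fwd}, reply via {hop}, to client {back}")
```

Without the pool, the reply is addressed to 1.1.1.1 and follows the server's default gateway, so it only returns through the load balancer if that gateway is the load balancer; with the pool, the reply is addressed to an on-link address that the load balancer answers for.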

  • Can not confirm my membership

    I am sorry that the screenshot in CC is in Chinese and it shows that my trial is just 15 days left...
    I am in 30-day trial and I am asked to confirm my membership.  But I can see my plan in my account and can not buy another plan as shown.
    What should I do with this situation?
    Message edited by: Zhou Yang

    This is an open forum, not Adobe support... you need Adobe staff to help
    Adobe contact information - http://helpx.adobe.com/contact.html
    -Select your product and what you need help with
    -Click on the blue box "Still need help? Contact us"
