CSM 411 STICKY issue
Could someone shead light on the use of STICKY in reference to a virtual server.
My config:
sticky 20 netmask 255.255.255.255 timeout 300
policy FTP
client-group CSMnets
serverfarm FTPOUT
vserver FTPOUT
virtual 0.0.0.0 0.0.0.0 tcp ftp service ftp
vlan 160
sticky 300 group 20
reverse-sticky 20
replicate csrp sticky
replicate csrp connection
persistent rebalance
slb-policy FTP
inservice
When I show csm 3 sticky, I do not receive any information.
Did I configure it wrong?
Thanks
Frank
Sorry, I missed entering the policy details.
I have configured "STICKY" on BOTH the policy and Virtual Server. The Cisco docs are VERY VAGUE.
This is what the Cisco documentations says:
"(OPTIONAL) Configures connections from the client to use the same real server. The default is sticky off"
Could you explain this in plain english, say for the dumb folks like me? 8)... PLEASE dont feel like you are giving me too much information - I have VERY thick skin.
Did I configure it correctly, is it configured just wrong or what? My experience is that you can configure MANY things wrong and traffic still flows.
My Topology:
.INTERNET
.| |
R-----R
| |
CSM---CSM
| |
FW FW
| |
CSM---CSM
| |
R-----R
INTERNAL NET
My config:
policy FTP
client-group NIHnets
serverfarm FTPOUT backup BACKUP-FTPOUT sticky
serverfarm FTPOUT
no nat server
no nat client
predictor hash address source
failaction purge
real name B12-GEFW1-DMZ
health probe FWOS-[R]-CLIENT
inservice
real name FW-GEFW1-DMZ
inservice
probe OUT-SRV-ALIAS
vserver FTPOUT
virtual 0.0.0.0 0.0.0.0 tcp ftp service ftp
vlan 160
sticky 300 group 20
reverse-sticky 20
replicate csrp sticky
replicate csrp connection
persistent rebalance
slb-policy FTP
inservice
sticky 20 netmask 255.255.255.255 timeout 300
Thanks for helping!
Frank
PS URLs that explain this stuff in detail would be GREAT too!
Similar Messages
-
Show mod csm 4 conn 1.1.1.1 detail
shows ftp control channel port 21 has a valid source and destination port during the INIT and ESTAB phase.
However, the DATA channel has a valid source and destination port during the INIT phase but as soon as the phase changes to ESTAB, the DATA port changes to :20 and :0. No matter the amount of data transferred, it is always :20 and :0.
Could anyone shead a little light?
Thanks
FrankHI Frank,
depening on the ftp mode (active or passive) you are having different ports for the data connections (see http://slacksite.com/other/ftp.html)
I assume that the FTP is not working well is it?
If not give it a try with the command virtual 1.1.1.1 tcp ftp service ftp
(refer to http://www.cisco.com/en/US/products/hw/switches/ps708/products_command_reference_chapter09186a0080212b24.html#wp1060164)
Or just use a layer 3 content rule and stick the client to the real.
Kind Regards,
Joerg -
Hi All,
I am facing session stickiness issue where we have four webserver instances and six weblogic instances.
If you see in the failure logs the JVM ID generated by the cookie is 1872775671 but the plugin is routing the request to 923706867.Please find below
Please find the success and failure logs below
Proxy Error Log :
================New Request: [amserver/UI/Login] =================
Wed Mar 20 15:01:10 2013 <202911363806070191> Uri as read from rq (request) data structure /amserver/UI/Login
Wed Mar 20 15:01:10 2013 <202911363806070191> Uri after pathTrim /amserver/UI/Login
Wed Mar 20 15:01:10 2013 <202911363806070191> Uri resolved to /amserver/UI/Login?module=GMACLoginModule&org=branch
Wed Mar 20 15:01:10 2013 <202911363806070191> resolveRequest return code is [0]
Wed Mar 20 15:01:10 2013 <202911363806070191> URI=[amserver/UI/Login?module=GMACLoginModule&org=branch]
Wed Mar 20 15:01:10 2013 <202911363806070191> INFO: SSL is not configured
Wed Mar 20 15:01:10 2013 <202911363806070191> Found cookie from cookie header: JSESSIONID=RKHWGqJvmJGWgZ9YdqywsXBLRd7QtMGX1Qr1yTmNTn0Kcdq0M0xq!-1872775671
Wed Mar 20 15:01:10 2013 <202911363806070191> Parsing cookie JSESSIONID=RKHWGqJvmJGWgZ9YdqywsXBLRd7QtMGX1Qr1yTmNTn0Kcdq0M0xq!-1872775671
Wed Mar 20 15:01:10 2013 <202911363806070191> getpreferredServersFromCookie: [-1872775671]
Wed Mar 20 15:01:10 2013 <202911363806070191> primaryJVMID: [-1872775671]
secondaryJVMID: []
Wed Mar 20 15:01:10 2013 <202911363806070191> No of JVMIDs found in cookie: 1
Wed Mar 20 15:01:10 2013 <202911363806070191> Trying to locate Primary or Secondary using SrvrInfo with JVMID: 923706867
Wed Mar 20 15:01:10 2013 <202911363806070191> getPreferredFromCookie: Start Position is 0, listLen is 1
Wed Mar 20 15:01:10 2013 <202911363806070191> getPreferredFromCookie: Either JVMIDs not set or they are stale. Will try to get JVMIDs from WLS
Wed Mar 20 15:01:10 2013 <202911363806070191> initJVMID: Iterating SrvrList from position 0
Wed Mar 20 15:01:10 2013 <202911363806070191> ======internal request /bea_wls_internal/WLDummyInitJVMIDs======
initJVMID: Trying Host[10.13.52.81] Port[7005] SecurePort[7006] useSSL [0] ioTimeout [30] socketTimeout [10]
Wed Mar 20 15:01:10 2013 <202911363806070191> INFO: New NON-SSL URL
Wed Mar 20 15:01:10 2013 <202911363806070191> Connect returns -1, and error no set to 245, msg 'Operation now in progress'
Wed Mar 20 15:01:10 2013 <202911363806070191> EINPROGRESS in connect() - selecting
Wed Mar 20 15:01:10 2013 <202911363806070191> Local Port of the socket is 63476
Wed Mar 20 15:01:10 2013 <202911363806070191> Remote Host 10.13.52.81 Remote Port 7005
Wed Mar 20 15:01:10 2013 <202911363806070191> URL::sendHeaders(): meth='HEAD' file='/bea_wls_internal/WLDummyInitJVMIDs' protocol='HTTP/1.0'
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[Connection]=[Close]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[X-WebLogic-Request-ClusterInfo]=[true]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[X-WebLogic-Force-JVMID]=[unset]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[X-WebLogic-KeepAliveSecs]=[30]
Wed Mar 20 15:01:10 2013 <202911363806070191> URL::parseHeaders: CompleteStatusLine set to [HTTP/1.1 400 Bad Request]
Wed Mar 20 15:01:10 2013 <202911363806070191> URL::parseHeaders: StatusLine set to [400 Bad Request]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs from WLS:[Date]=[Wed, 20 Mar 2013 19:01:10 GMT]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs from WLS:[Content-Length]=[897]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs from WLS:[Content-Type]=[text/html]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs from WLS:[X-WebLogic-Cluster-Hash]=[7GHstOoW2dPEsRHcWrZe05SfKAc]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs from WLS:[X-WebLogic-Cluster-List]=[923706867!168637521!7005!7006]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs from WLS:[Connection]=[Close]
Wed Mar 20 15:01:10 2013 <202911363806070191> parsed all headers OK
Wed Mar 20 15:01:10 2013 <202911363806070191> initJVMID: Received the same cluster-list. Returning with no preferred servers found.
Wed Mar 20 15:01:10 2013 <202911363806070191> .....internal request /bea_wls_internal/WLDummyInitJVMIDs.....processed
Wed Mar 20 15:01:10 2013 <202911363806070191> getPreferredFromCookie: Found 0 servers
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs from Client:[accept]=[image/jpeg, application/x-ms-application, image/gif, application/xaml+xml, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-shockwave-flash, */*]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs from Client:[referer]=[https://capacity.dealerservices.ally.com/userprovisioning/jsp/autoSubmit.jsp?lang=en-us&source=MigratedLoginWidget&userType=branch&process=login]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs from Client:[accept-language]=[en-US]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs from Client:[user-agent]=[Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; BTRS99959; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; MS-RTC LM 8; .NET4.0C; InfoPath.3)]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs from Client:[accept-encoding]=[gzip, deflate]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs from Client:[host]=[gdpcapacity.gmacbranch.gmac.gm.com]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs from Client:[cache-control]=[no-cache]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs from Client:[cookie]=[s_pers=%20s_ts%3D%255B%255B%2527BRA0006T%2527%252C%25271362265430952%2527%255D%252C%255B%2527BRA0005T%2527%252C%25271363804235955%2527%255D%255D%7C1521570635955%3B%20s_nr%3D1363805063050-Repeat%7C1366397063050%3B; Locale=en-us; MasterCookie=MasterCookie; GDP_screenHeight=768; GDP_screenWidth=1366; GDP_browserType=Microsoft%20Internet%20Explorer; GDP_browserVersion=4.0%20%28compatible%3B%20MSIE%208.0%3B%20Windows%20NT%206.1%3B%20Trident/4.0%3B%20BTRS99959%3B%20SLCC2%3B%20.NET%20CLR%202.0.50727%3B%20.NET%20CLR%203.5.30729%3B%20.NET%20CLR%203.0.30729%3B%20Media%20Center%20PC%206.0%3B%20MS-RTC%20LM%208%3B%20.NET4.0C%3B%20InfoPath.3%29; GDP_operatingSystem=Win32; GDP_userAgent=Mozilla/4.0%20%28compatible%3B%20MSIE%208.0%3B%20Windows%20NT%206.1%3B%20Trident/4.0%3B%20BTRS99959%3B%20SLCC2%3B%20.NET%20CLR%202.0.50727%3B%20.NET%20CLR%203.5.30729%3B%20.NET%20CLR%203.0.30729%3B%20Media%20Center%20PC%206.0%3B%20MS-RTC%20LM%208%3B%20.NET4.0C%3B%20InfoPath.3%29; JSESSIONID=RKHWGqJvmJGWgZ9YdqywsXBLRd7QtMGX1Qr1yTmNTn0Kcdq0M0xq!-1872775671; ObSSOCookie=tKGxD0YS6sUw8kyVwfVBNujGihNvtG5GlUrYljs%2F3fngJbUm4%2B1bA6FpLn3LEESIpQsqwhjMDZODuautF%2B7zHKXypTkT%2Fn8DwdGn%2FYZOJK49wBTU511DfkqBmqBMsGjSM42jobA5gSQ672vUQskytWaJc4tZQC7MDLOGPEJf%2Bwc%2BVtXRi1%2FRGI4ql8jQpyWSJP6ImkHwt6QNig3Vlyt9BLZws6vvgHulULaxuA%2BXfUZ4fkVaVwN35tAmWorUa1ODiORCWhVSrZybMhTk53NsjT%2FdOaXFLZM4wcj6PKVkeG1UtZVfoNuVw8LBBVd5ave0]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs from Client:[gmacdealer_groups]=[smartcash:scsupervisor:branch:us:en-us:EOAdminUS:]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs from Client:[HTTP_OBLIX_UID]=[cbrus16]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs from Client:[HTTP_OBLIX_UID]=[cbrus16]
Wed Mar 20 15:01:10 2013 <202911363806070191> attempt #0 out of a max of 5
Wed Mar 20 15:01:10 2013 <202911363806070191> Server details are ''/0/0
Preferred server not set or was marked bad, checking next preferred server
Wed Mar 20 15:01:10 2013 <202911363806070191> Server details are ''/0/0
Preferred server not set or was marked bad, checking next preferred server
Wed Mar 20 15:01:10 2013 <202911363806070191> Trying a pooled connection for '10.13.52.81/7005/7006'
Wed Mar 20 15:01:10 2013 <202911363806070191> getPooledConn: No more connections in the pool for Host[10.13.52.81] Port[7005] SecurePort[7006]
Wed Mar 20 15:01:10 2013 <202911363806070191> general list: trying connect to '10.13.52.81'/7005/7006 at line 1676 for '/amserver/UI/Login?module=GMACLoginModule&org=branch'
Wed Mar 20 15:01:10 2013 <202911363806070191> INFO: New NON-SSL URL
Wed Mar 20 15:01:10 2013 <202911363806070191> Connect returns -1, and error no set to 245, msg 'Operation now in progress'
Wed Mar 20 15:01:10 2013 <202911363806070191> EINPROGRESS in connect() - selecting
Wed Mar 20 15:01:10 2013 <202911363806070191> Local Port of the socket is 63477
Wed Mar 20 15:01:10 2013 <202911363806070191> Remote Host 10.13.52.81 Remote Port 7005
Wed Mar 20 15:01:10 2013 <202911363806070191> general list: created a new connection to '10.13.52.81'/7005 for '/amserver/UI/Login?module=GMACLoginModule&org=branch', Local port: 63477
Wed Mar 20 15:01:10 2013 <202911363806070191> WLS info : 10.13.52.81:7005 recycled? 0
Wed Mar 20 15:01:10 2013 <202911363806070191> URL::sendHeaders(): meth='GET' file='/amserver/UI/Login?module=GMACLoginModule&org=branch' protocol='HTTP/1.1'
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[accept]=[image/jpeg, application/x-ms-application, image/gif, application/xaml+xml, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-shockwave-flash, */*]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[referer]=[https://capacity.dealerservices.ally.com/userprovisioning/jsp/autoSubmit.jsp?lang=en-us&source=MigratedLoginWidget&userType=branch&process=login]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[accept-language]=[en-US]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[user-agent]=[Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; BTRS99959; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; MS-RTC LM 8; .NET4.0C; InfoPath.3)]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[accept-encoding]=[gzip, deflate]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[host]=[gdpcapacity.gmacbranch.gmac.gm.com]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[cache-control]=[no-cache]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[cookie]=[s_pers=%20s_ts%3D%255B%255B%2527BRA0006T%2527%252C%25271362265430952%2527%255D%252C%255B%2527BRA0005T%2527%252C%25271363804235955%2527%255D%255D%7C1521570635955%3B%20s_nr%3D1363805063050-Repeat%7C1366397063050%3B; Locale=en-us; MasterCookie=MasterCookie; GDP_screenHeight=768; GDP_screenWidth=1366; GDP_browserType=Microsoft%20Internet%20Explorer; GDP_browserVersion=4.0%20%28compatible%3B%20MSIE%208.0%3B%20Windows%20NT%206.1%3B%20Trident/4.0%3B%20BTRS99959%3B%20SLCC2%3B%20.NET%20CLR%202.0.50727%3B%20.NET%20CLR%203.5.30729%3B%20.NET%20CLR%203.0.30729%3B%20Media%20Center%20PC%206.0%3B%20MS-RTC%20LM%208%3B%20.NET4.0C%3B%20InfoPath.3%29; GDP_operatingSystem=Win32; GDP_userAgent=Mozilla/4.0%20%28compatible%3B%20MSIE%208.0%3B%20Windows%20NT%206.1%3B%20Trident/4.0%3B%20BTRS99959%3B%20SLCC2%3B%20.NET%20CLR%202.0.50727%3B%20.NET%20CLR%203.5.30729%3B%20.NET%20CLR%203.0.30729%3B%20Media%20Center%20PC%206.0%3B%20MS-RTC%20LM%208%3B%20.NET4.0C%3B%20InfoPath.3%29; JSESSIONID=RKHWGqJvmJGWgZ9YdqywsXBLRd7QtMGX1Qr1yTmNTn0Kcdq0M0xq!-1872775671; ObSSOCookie=tKGxD0YS6sUw8kyVwfVBNujGihNvtG5GlUrYljs%2F3fngJbUm4%2B1bA6FpLn3LEESIpQsqwhjMDZODuautF%2B7zHKXypTkT%2Fn8DwdGn%2FYZOJK49wBTU511DfkqBmqBMsGjSM42jobA5gSQ672vUQskytWaJc4tZQC7MDLOGPEJf%2Bwc%2BVtXRi1%2FRGI4ql8jQpyWSJP6ImkHwt6QNig3Vlyt9BLZws6vvgHulULaxuA%2BXfUZ4fkVaVwN35tAmWorUa1ODiORCWhVSrZybMhTk53NsjT%2FdOaXFLZM4wcj6PKVkeG1UtZVfoNuVw8LBBVd5ave0]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[gmacdealer_groups]=[smartcash:scsupervisor:branch:us:en-us:EOAdminUS:]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[HTTP_OBLIX_UID]=[cbrus16]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[HTTP_OBLIX_UID]=[cbrus16]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[Proxy-Path-Translated]=[u001/webserver/docs/gdp-capacity-backend-sec/amserver/UI/Login]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[Proxy-Path-Translated-Base]=[u001/webserver/docs/gdp-capacity-backend-sec]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[WL-Proxy-Client-Keysize]=[128]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[WL-Proxy-Client-Secretkeysize]=[128]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[WL-Proxy-Client-IP]=[129.41.252.30]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[WL-Proxy-SSL]=[true]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[Proxy-Client-IP]=[129.41.252.30]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[X-Forwarded-For]=[129.41.252.30]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[Connection]=[Keep-Alive]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[X-WebLogic-KeepAliveSecs]=[30]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[X-WebLogic-Request-ClusterInfo]=[true]
Wed Mar 20 15:01:10 2013 <202911363806070191> Hdrs to WLS:[x-weblogic-cluster-hash]=[7GHstOoW2dPEsRHcWrZe05SfKAc]
Wed Mar 20 15:01:11 2013 <202911363806070191> URL::parseHeaders: CompleteStatusLine set to [HTTP/1.1 302 Moved Temporarily]
Wed Mar 20 15:01:11 2013 <202911363806070191> URL::parseHeaders: StatusLine set to [302 Moved Temporarily]
Wed Mar 20 15:01:11 2013 <202911363806070191> Hdrs from WLS:[Date]=[Wed, 20 Mar 2013 19:01:10 GMT]
Wed Mar 20 15:01:11 2013 <202911363806070191> Hdrs from WLS:[Pragma]=[no-cache]
Wed Mar 20 15:01:11 2013 <202911363806070191> Hdrs from WLS:[Location]=[https://gdpcapacity.gmacbranch.gmac.gm.com/portal/dt?action=process&provider=PortletWindowProcessChannel&windowProvider.targetPortletChannel=GMACDataProvider&containerName=GMACBranchHomeContainer&windowProvider.currentChannelMode=VIEW&window.portletAction=ACTION]
Wed Mar 20 15:01:11 2013 <202911363806070191> Hdrs from WLS:[Content-Type]=[text/html]
Wed Mar 20 15:01:11 2013 <202911363806070191> Hdrs from WLS:[Expires]=[0]
Wed Mar 20 15:01:11 2013 <202911363806070191> Hdrs from WLS:[Set-Cookie]=[JSESSIONID=RKHW4QzDhbJpcQJJpXJ21CV3lxY2lbhNJYmtJCYGGK2BC71JTqGr!923706867; path=/]
Wed Mar 20 15:01:11 2013 <202911363806070191> Hdrs from WLS:[Set-Cookie]=[iPlanetDirectoryPro=AQIC5wM2LY4Sfcwgaa%2Bz8dzyN5AAXxW2GEBHoRwWjfYUb9M%3D%40AAJTSQACMDI%3D%23; path=/]
Wed Mar 20 15:01:11 2013 <202911363806070191> Hdrs from WLS:[Set-Cookie]=[AMAuthCookie=LOGOUT; expires=Thursday, 01-Jan-1970 01:00:00 GMT; path=/]
Wed Mar 20 15:01:11 2013 <202911363806070191> Hdrs from WLS:[X-AuthErrorCode]=[0]
Wed Mar 20 15:01:11 2013 <202911363806070191> Hdrs from WLS:[X-DSAMEVersion]=[6 2005Q1]
Wed Mar 20 15:01:11 2013 <202911363806070191> Hdrs from WLS:[Transfer-Encoding]=[chunked]
Wed Mar 20 15:01:11 2013 <202911363806070191> Hdrs from WLS:[Cache-Control]=[private]
Wed Mar 20 15:01:11 2013 <202911363806070191> parsed all headers OK
Wed Mar 20 15:01:11 2013 <202911363806070191> sendResponse() : uref_p->getStatus() = '302'
Wed Mar 20 15:01:11 2013 <202911363806070191> Hdrs to client (add):[date]=[Wed, 20 Mar 2013 19:01:10 GMT]
Wed Mar 20 15:01:11 2013 <202911363806070191> Hdrs to client (add):[Pragma]=[no-cache]
Wed Mar 20 15:01:11 2013 <202911363806070191> Hdrs to client (add):[Location]=[https://gdpcapacity.gmacbranch.gmac.gm.com/portal/dt?action=process&provider=PortletWindowProcessChannel&windowProvider.targetPortletChannel=GMACDataProvider&containerName=GMACBranchHomeContainer&windowProvider.currentChannelMode=VIEW&window.portletAction=ACTION]
Wed Mar 20 15:01:11 2013 <202911363806070191> Hdrs to client (add):[content-type]=[text/html]
Wed Mar 20 15:01:11 2013 <202911363806070191> Hdrs to client (add):[Expires]=[0]
Wed Mar 20 15:01:11 2013 <202911363806070191> Hdrs to client (add):[Set-Cookie]=[JSESSIONID=RKHW4QzDhbJpcQJJpXJ21CV3lxY2lbhNJYmtJCYGGK2BC71JTqGr!923706867; path=/]
Wed Mar 20 15:01:11 2013 <202911363806070191> Hdrs to client (add):[Set-Cookie]=[iPlanetDirectoryPro=AQIC5wM2LY4Sfcwgaa%2Bz8dzyN5AAXxW2GEBHoRwWjfYUb9M%3D%40AAJTSQACMDI%3D%23; path=/]
Wed Mar 20 15:01:11 2013 <202911363806070191> Hdrs to client (add):[Set-Cookie]=[AMAuthCookie=LOGOUT; expires=Thursday, 01-Jan-1970 01:00:00 GMT; path=/]
Wed Mar 20 15:01:11 2013 <202911363806070191> Hdrs to client (add):[X-AuthErrorCode]=[0]
Wed Mar 20 15:01:11 2013 <202911363806070191> Hdrs to client (add):[X-DSAMEVersion]=[6 2005Q1]
Wed Mar 20 15:01:11 2013 <202911363806070191> Hdrs to client (add):[Cache-Control]=[private]
Wed Mar 20 15:01:11 2013 <202911363806070191> canRecycle: conn=1 status=302 isKA=1 clen=-1 isCTE=1
Wed Mar 20 15:01:11 2013 <202911363806070191> closeConn: pooling for '10.13.52.81/7005'
Wed Mar 20 15:01:11 2013 <202911363806070191> request [amserver/UI/Login?module=GMACLoginModule&org=branch] processed successfully..................
Could some one let me know how to maintain the session stickiness and please do let me know why the JVM ID is getting changed.
Note : We are using cookie based replication in our environment.
Thanks & Regards
Arunthe CSS does not have the possibility to dynamically learn cookie.
So, you have to setup manually the value sent by each server.
According to your setup, the jsessionid would have a fix value after the first 33 bytes and the value will be 2 bytes long.
Is that correct ?
If yes, try to increase the string range.
Finally, it might be easier to use arrowpoint cookies.
Gilles. -
Hi,
The Sticky function of the ACE is not working. There were no changes been made on the device it was working fine before but not now,.
We have 2 ACE one is Active(ACE1) and Second one is Standby (ACE2).
Testing done till now:-
================
Done the Failover from Active(ACE1) to Standby (ACE2).
When ACE2 was Active the Sticky started working fine without any issues.
2) when I did the failover again back from ACE2 to ACE1 the problem arrise Sticky doesnt work any more.
Any suggestion about this strange behaviour?
Thanks in advance.
Regards
Alex.What version do you run ?
What type of sticky method ?
Could you get a
- show np 1 me-stats "-slb"
and a
- show np 2 me-stats "-slb"
Possibly get 2 occurences one before and one after a test.
Thanks,
Gilles. -
Sticky issue for an application configured in ACE
Hi All,
We are facing a strange issue with ACE. We have a sticky configured for an application in ACE.
Sometimes the application is not working, We have to clear sticky session on ACE to fix the issue.
Can anbody help me to troubleshoot this issue?
Regards,
ThiyaguHi Jorge,
Here is the sticky configuration of the application which is having issue.
sticky ip-netmask 255.255.255.255 address source SG
timeout 15
serverfarm SF
Please let me know if you need the complete configurarion.
Regards,
Thiyagu -
Sticky issue when failed server become active
Hi,
We are operating the ace(csm) and using the sticky option.
Assuming that We have two servers with sicky for redundancy and being opreated active - active,
I realized that if one server go down and go up, Csm dosen't forword packet to restored server.
I think it is due to the sticky option. We need csm to play loadbalancing two servers once one is restored immediately.
Is there anything opinion or solution?
Thanks,If a real goes down (fails probe) then the csm will remove it from service and not send connections to it. The entry will also be removed from the sticky table. When it comes back, it will receive new connections when it is elgible. If all incoming connections match existing sticky entries then it will take time to gather load. If you configure "predictor leastcons" under the serverfarm and limit the sticky life, then it will allow the failed real to recover load quicker. Matthew
-
Hello Gilles,
I have setup cookie stickiness using the following config:
sticky 1 cookie JSESSIONID timeout 100
serverfarm xxxxx
real 192.168.1.1
health probe HTTP01
inservice
real 192.168.1.2
health probe HTTP02
inservice
policy pol_IOW_stick
serverfarm xxxxxx
sticky-group 1
vserver yyyyyy
virtual 192.168.1.5 tcp 0
serverfarm xxxxx
replicate csrp sticky
replicate csrp connection
persistent rebalance
slb-policy POL_IOW_STICK
inservice
Load balancing is working to the real servers and I can see the policy being matched, however,
I never see any entries in the sticky table.
This is a test scenario and all connections are being proxied through 2x proxy servers. Should I
not see at least the ip addresses of both proxy servers in the sticky table?
We are running version CSM v3.1(4)
Thanksyou need 4.x to see the sticky entry when using something else than sticky source ip.
Stickyness shoud work, it's just the show commands that requires CSM version 4.x
Regards,
Gilles. -
I'm having some issues with a newly deployed CSM SSLM. We are conducting performance testing and I amd seeing very slow response times. I have adjusted the "delayed-ack-timeout" to 50 from 200 seconds and turned "OFF" Nagle. This has seemed to help tremendously but things are still off. What other variables can I adjust to improve performance? Has anyone had any similar issues before? I am running SSLM 3.1.(1) and CSM 4.1.(6) both Safe Harbor Releases. Bellow are some performace numbers gathered from Silk testing.
Web Server SSL:
37.0 ms SSL handshake
1.4 ms server busy time
3.6 ms received time
CSM SSL:
9.4 ms SSL handshake
6.8 ms server busy time
62.0 ms received time
Let me know what you guys think
ThanksIs that for a single page download from one client ?
Or are you testing this under load - many clients ?
could you use bigger files and see if the response time is more equal ?
Be aware that the SSLM is designed to handle many simultaneous connections and may therefore look not as good as a server when testing with a single connection and small transfers.
Gilles. -
Has anyone tried to assign a weight of 0 to a serverfarm on a CSM. Documents conflict as to whether this is valid or not. We have tried it and when you do a Show mod csm real you see a weight of 1. The traffic statistics also validate that a value of 1 is being assigned. We are using 4.2(1) code. Any chance this is a bug??
CSCed41637 - Show commands display weight of 1 when weight is configured to 0
The bug is not fixed yet.
I believe the solution that will be adopted is to prevent a weight of 0 to be configured as it has no effect.
Not sure what you expect from a 'weight 0'.
If this is the graceful service shutdown, simply use the 'no inservice' command.
Regards,
Gilles. -
I am using the HTTP probe shown below. When we shutdown our backend application the server is returning a 500 response code to the client but the CSM does not remove it from service.
probe TEST http
request method get url /test/engine
expect status 0 499
interval 10
failed 10
port 8001
What if any difference is there between
request method get url and
request url
Is there any way that I can see the last response code that the CSM received?
It looked like it wanted to fail but didn't:
CSM#sh mod csm 8 probe real 10.10.63.18
real = 10.10.63.18:8001, probe = TEST, type = http,
vserver = D-TESTVIP, sfarm = D-TESTSERVER
status = OPERABLE, current = 16:44:21 EDT 07/22/08,
successes = 1714, last success = 16:44:16 EDT 07/22/08,
failures = 35, last failure = 16:33:55 EDT 07/22/08,
state = Waiting for server to reply
CSM#sh mod csm 8 probe name TEST
type port interval retries failed open receive
http 8001 10 3 10 10 10
Thank you,
DaveOk thanks. I had never seen anything on this venus mode before. It doesn't accept the command though. I get Symbol 'testhttp' not found! when I enter the command. I have version 4.2(3a) of the CSM code running.
VENUS# ?
usage
upgrade slot0:|server-ip-addr filename
create virtual ...
destroy virtual ...
rename virtual ...
add pool ...
remove pool ...
bind virtual-name ...
unbind virtual-name rule-id
reorder virtual-name ...
set balancer ...
classify acl ...
address system ...
show virtual ...
load cfg-filename
restore config defaults|flash|backup
debug ixp rd|wr chip addr #dwords
stats real [rserver-name]
script [file [slot0:script_file|tftp_addr script_file]]
capture [on|off]
venus
tftp core_dump tftp-ip-addr [filename]
exit -
Hi,
We are having ACE as the load balancer
Software running on ACE
loader: Version 12.2[121]
system: Version A2(1.1a) [build 3.0(0)A2(1.1a) adbuild_22:19:41-2008/07/21_
/auto/adbu-rel3/rel_a2_1_1_throttle/REL_3_0_0_A2_1_1A]
system image file: [LCP] disk0:c6ace-t1k9-mz.A2_1_1a.bin
We have 2 webservers (load balanced) & 2 application servers(load balanced).Cookie based stickiness is currently used on Web & Application servers.
Ideal scenario:
1.Client opens the url http://...There is always a dual session whenever the client opens the url.One is for Java & the other for html.
2.Client--->Webserver1
3.Webserver1---->APP1
Most of the times when the client types the url, the dual sessions goes to one Webserver as per round robin (eg web server 1) & the webserver 1 communicates with Application server as per round robin (eg.application server 1).
Problem:
Now at times when the client types the url, the dual sessions gets split which means one session goes to one webserver & the other session goes to second webserver.Ideally it should not as per the application demands.
When this happens, both the webservers communicates with both the application servers.Here is where the problem happens.The client is asked for the login page again which indicates that the client has went to the second application server for the login.
What ideally should happen is the client should stick to the same application server depending up the sticky timeout.
Foll. is the output of show conns when prob occurs:
Primary-ACE/DMZ2# sh conn serverfarm SF-8888
conn-id np dir proto vlan source destination state
----------+--+---+-----+----+---------------------+---------------------+------+
1321 1 in TCP 2504 172.21.46.34:2037 172.24.51.200:8888 ESTAB
1255 1 out TCP 2704 172.24.51.33:8888 172.21.46.34:2037 ESTAB
1108 2 in TCP 2504 172.21.46.34:2036 172.24.51.200:8888 ESTAB
1144 2 out TCP 2704 172.24.51.32:8888 172.21.46.34:2036 ESTAB
Primary-ACE/APP# sh conn serverfarm SF-8888
conn-id np dir proto vlan source destination state
----------+--+---+-----+----+---------------------+---------------------+------+
959 2 in TCP 2507 172.24.51.32:58306 172.24.54.200:8888 ESTAB
115 2 out TCP 2707 172.24.54.32:8888 172.24.51.32:58306 ESTAB
651 2 in TCP 2507 172.24.51.33:51030 172.24.54.200:8888 ESTAB
901 2 out TCP 2707 172.24.54.33:8888 172.24.51.33:51030 ESTAB
I have attached the configs.
The web server we are testing is 172.24.51.32 & 33 - port 8888
Application servers - 172.24.54.32 & 33-port 8888
Rgds./SachinSachin~
What is exactly your flow?
Is client hitting the Webserver farm (in web server context) and then Web servers hitting the APPs Servers in the APPS server context?
If thats the case (only Web servers are App server clients and client is not hitting application serverfarm ) then you can use source ip based sticky in APP server farm which will ensure that one web server sticks to a particular APP server and it never changes the APP server.
Following example will insert cookie named "Mycookie" in the server responses from APP1 rservers to the client
rserver host App1-Srvr1
ip address 192.168.1.1
inservice
rserver host App1-Srvr2
ip address 192.168.1.2
inservice
serverfarm host APP1-SFARM
rserver App1-Srvr1
inservice
rserver App1-Srvr2
inservice
class-map match-any APP1-VIP
2 match virtual-address 10.10.10.1 tcp eq www
sticky http-cookie MYcookie App1-sticky
cookie insert
timeout 720
replicate sticky
serverfarm App1-Sfarm
policy-map type loadbalance first-match APP1-POLICY
class class-default
sticky-serverfarm App1-sticky
policy-map multi-match VIPS
class VIP-P80
loadbalance vip inservice
loadbalance policy APP1-POLICY
loadbalance vip icmp-reply active
HTH
Syed Iftekhar Ahmed -
Catalyst 6500 CSM-S Cookie stickiness timout ?
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
mso-para-margin-top:0cm;
mso-para-margin-right:0cm;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0cm;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:"Times New Roman";
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
Hi, anyone able to help with this ?
We have a CSM-S sitting in a 6513, at the moment we have IP stickiness applied for a Vserver/Serverfarm. The back end product vendor advises that cookie stickiness would be more appropriate for their application.
I have been scratching my head around the timeout of the inserted cookies; whatever I do they persist seemingly indefinitely, for example:
Just a test configuration with a 10minute sticky timout.
serverfarm applicationA
nat server
nat client applicationA_pool
failaction reassign
real 1.1.1.1
inservice
real 1.1.1.2
inservice
health retries 1 failed 120
probe applicationA_probe
sticky 1 cookie applicationA_sticky insert timeout 10
vserver applicationA-HTTP
virtual 2.2.2.10 tcp www
unidirectional
serverfarm applicationA
sticky 10 group 1
no persistent rebalance
inservice
Doing show mod csm 1 sticky
group sticky-data real timeout
1 cookie F5BF7115:F80EA688 1.1.1.1 0
1 cookie 4AFC972B:BB722437 1.1.1.2 0
Then a show mod csm 1 sticky config
Group NumEntries Timeout Type
1 82 10 cookie-insert applicationA_sticky
When browsing to the VIP I see the application page via one of the reals. For the sake of the test I am using round-robin. Without cookies applied my browser will bounce between reals (I turned off persistent rebalance during testing) as expected.
With a sticky cookie inserted the browser stays on one of the real’s, however the timeout which I have applied does not work. The client will stay stuck to the real almost indefinitely (the actual cookie expiry is 2099!).
The online documentation advised that the method I am using should work as expected:
Quote
This example shows how to configure a virtual server named barnett, associate it with the server farm named bosco, and configure a sticky connection with a duration of 50 minutes to sticky group 12:
Router(config)# mod csm 2
Router(config-module-csm)# sticky 1 cookie foo timeout 100
Router(config-module-csm)# exit
Router(config-module-csm)#
Router(config-module-csm)# serverfarm bosco
Router(config-slb-sfarm)# real 10.1.0.105
Router(config-slb-real)# inservice
Router(config-slb-real)# exit
Router(config-slb-sfarm)#
Router(config-slb-sfarm)# vserver barnett
Router(config-slb-vserver)# virtual 10.1.0.85 tcp 80
Router(config-slb-vserver)# serverfarm bosco
Router(config-slb-vserver)# sticky 50 group 12
Router(config-slb-vserver)# inservice
Router(config-slb-vserver)# exit
Router(config-module-csm)# end
End Quote
I am guessing that sticky group 12 / 1 is a typo
Looking at the documentation, sticky can also be applied not in the vserver config but in a policy (this is how we are doing IP stickiness). I have tried both methods. Same result.
I am natting the client address to a private pool which then talks to the reals (and back). Would'nt expect this to be any issue.
The CSM is running Software version: 4.3(5).
Any help appreciated.Good mornign Simon,
The behavior you are seeing is the expected one.
When the CSM is configured for cookie insertion, a static cookie value is created in the sticky table for each server. This is the cookie that is being inserted, using as expiration date the one defined in the COOKIE_INSERT_EXPIRATION_DATE variable.
With this stickiness method, there is no need to use a timeout, because, since the sticky table will only contain one entry for each server, it will never become full.
Quoting from the documentation:
Note The
configurable timeout values are not applied when using cookie insert.
You can adjust the timeout value using the environment variables.
If you don't want to keep the cookies in the client for that long, another approach you can use is setting an empty date in the COOKIE_INSERT_EXPIRATION_DATE variable. When doing that, the cookie will be inserted without an expiration date, so it will be cleared when the browser is closed.
I hope this answers your question
Regards
Daniel -
Hello,
We have a Catalyst 6500 w/ CSM-S configuration that has 2 serverfarms with identical real servers using the same VIP. Each farm has 50 real servers (2 IPs with 25 consecutive ports each). One of the serverfarms is defined under a SLB policy with client NAT and the second one directly under the vserver. Both serverfarms are configured with the same sticky group for cookie insert. When I issue "show mod csm 13 sticky group 4" I only see 52 entries instead of 100. Also, some of the entries are duplicate. All the rest of the sticky groups are displaying the correct number of cookie entries, matching the number of real servers in the farms. Any ideas on why this is?You probably have encountered the following bug fixed only in version 4.2.2
CSCsa74493
CSM: sticky insert table not updated if adding new reals
The workaround is to reboot the CSM or reconfigure reals, policy and vserver in the correct order.
Gilles. -
CSM sticky timeout value - is this an idle timeout value?
We have sticky groups configured in our CSM, with an timeout value of 60 minutes. My question is does the timeout value reference an 'idle' value, such as a user disconnected from the session, and now that timer is counting down from the 60 minutes to 0, to remove the stale session out of CSM?
Or is this some other kind of value? If so, what does the value actually represent?
Group CurrConns Timeout Type
17 290 60 src-ip netmask 255.255.255.255
Also, from this info below, is "this" timeout value in seconds, or should this show in minutes? Or is this a bug that I need to resolve by updating the CSM version? We're still on v2.2(1).
CSM with SSL WS-X6066-SLB-S-K9
Thanks, Tony
switch#sho mod csm 1 sticky group 17
group sticky-data real timeout
17 ip 10.x.x.x 10.x.x.x 3469
17 ip 10.x.x.x 10.x.x.x 3275
17 ip 10.x.x.x 10.x.x.x 3016
17 ip 10.x.x.x 10.x.x.x 2791
17 ip 10.x.x.x 10.x.x.x 879Hi Ajay, thank you for the response. From your reply, "It appears that you have configured the sticky timeout value higher then the default value. So the sticky timeout value is in minutes," we set each group to have a 60 minute timeout value. I had read from another string that the timeout values I'm seeing in this table were incorrectly displayed, due to an upgraded needed on the CSM. We're running 2.2(1), and I thought I remember reading 4.2.2 was required to correct this bug?
switch#sho mod csm 1 sticky group 17
group sticky-data real timeout
17 ip 10.x.x.x 10.x.x.x 3469
17 ip 10.x.x.x 10.x.x.x 3275
17 ip 10.x.x.x 10.x.x.x 3016
17 ip 10.x.x.x 10.x.x.x 2791
17 ip 10.x.x.x 10.x.x.x 879 -
How I can see the amount of sticky entries exist on CSM
Hi everyone,
I would like to know how I can see the amount of sticky entries exist on CSM.
I understand I can not see the amount of sticky entries by executing one "show"
command on Cat6k/CSM.
So I have to calculate several output of "show ip slb sticky" to see it.
However, I would like to get it by simple way.
So I tried the following test by using SNMP (SNMP-GET point to several instance
of "slbStats", of 1.3.6.1.4.1.9.9.161.1.1.1.1)
Client ----- CSM ----- Server
1: Reboot CSM to clear/initialize sticky table
2: Client send ping to Server to confirm that the result of counter of "slbStats"
remains zero (0).
In this case, I understand CSM should not create an entry on sticky table because
the packet pass through CSM is not either TCP or UDP.
3: Then I tried to SNMP-GET to CSM point to several instance of "slbStats"
The result of this SNMP-GET is as follows:
Before sending ping
slbStatsCreatedConnections.2 : 0
slbStatsCreatedHCConnections.2 : 0
slbStatsEstablishedConnections.2 : 0
slbStatsEstablishedHCConnections.2 : 0
slbStatsDestroyedConnections.2 : 0
slbStatsDestroyedHCCConnections.2 : 0
After sending ping
slbStatsCreatedConnections.2 : 4
slbStatsCreatedHCConnections.2 : 4
slbStatsEstablishedConnections.2 : 1
slbStatsEstablishedHCConnections.2 : 1
slbStatsDestroyedConnections.2 : 3
slbStatsDestroyedHCCConnections.2 : 3
I wonder why all of above MIB objects are increased despite of the packets pass
through CSM are ICMP.
So I can not determine whether I should use this method (using SNMP) or not to
see correct value of the amount of sticky entries
And I would like to know alternative method to see it by SNMP or other simple way.
Your information would be greatly appreciatedHi Gilles,
Thank you very much for your pointing and suggestion and I am sorry for my delay response.
I understand there are two kind of CLI on CSM depend on using CSM mode or RP mode.
- show command begins with "show ip slb" when using CSM mode (ip slb mode csm)
- show command begins with "show mode csm x" when using RP mode (ip slb mode rp)
And "show mod csm x sticky config" command can be done on RP mode only.
So I tried to "show ip slb sticky config" command on CSM mode, but I could not find
"config" argument as follows,
ct65svf1#sh ip slb sticky ?
client sticky associated with a specific client IP address
groups list configured sticky groups
| Output modifiers
ct65svf1#sh ip slb sticky
So I think, on CSM mode, I can not calculate the amount of sticky entry by executing one
show command.
Is my understanding correct ?
Best regards,
Maybe you are looking for
-
Can two people with two iTunes account share an iPad
Just a question. I want to share my iPad but not my iTunes account.. How
-
Exception Handling in packages called from forms
I am running 10g forms that have many calls to packages/procedures in the database. I am seeing hanging processes on the web server (even after forms processes are stopped) and 1 of the causes Oracle listed was not having proper exception handling in
-
Running specific VM on Windows - dll collision?
I've got an app install that bundles the Java VM and my app's JAR. I've created an .exe that launches the VM with the JAR in the path. This works fine when no other VMs are running on the machine. However, if there are other VMs running, the app exhi
-
Autosizing columns in the finder column view
would anyone happen to know how to get the columns to "autosize" each time you enter the finder in column-view? i have seen a manual option before, i believe when saving files (in a save-as dialog box), however am not sure... would very much apprecia
-
Using Photoshop CS3 & After Effects CS3
Hey All, I just created an animation in After Effects CS3. I am working from a 2D PSD file with a lot of layers. I am working on a PPC Mac, Quad G5 with 4.5GB RAM. I am running OS X 10.4.11. When I add the comp to the render queue it cannot render du