CSS 11501 Load Balancing Issue
Hi,
We are facing some issue in load balancing in cisco CSS 11501 as we are not able to access the application through virtual IP. Below is the ruuning configuration of the CSS:
CSS11501# sh running-config
!Generated on 10/06/2010 16:51:34
!Active version: sg0810106
configure
!*************************** GLOBAL ***************************
ip route 0.0.0.0 0.0.0.0 132.186.199.1 1
!************************** CIRCUIT **************************
circuit VLAN1
ip address 132.186.199.145 255.255.255.0
!************************** SERVICE **************************
service Server1
ip address 132.186.199.243
port 5001
protocol tcp
keepalive port 5001
active
service Server2
ip address 132.186.199.246
protocol tcp
port 5001
keepalive port 5001
active
!*************************** OWNER ***************************
owner L5_Owner
content L3_Rule
vip address 132.186.199.146
protocol tcp
port 5001
add service Server1
add service Server2
active
content L5_Rule
vip address 132.186.199.146
add service Server1
add service Server2
protocol tcp
port 5001
url "//132.186.199.146:5001/emi"
active
CSS11501#
Observation : We are able to telnet on VIP: 132.186.199.146 on port 5001, but not able to access the application.
In Actual scenarion customer access application by accessing URL: http://132.186.199.243:5001/emi and once he enter this URL in web browser the request redirects ( by server itself) to URL: https://132.186.199.44:6002/cas/login?service=http%3A%2F%2F132.186.199.243%3A5001%2Femi%2Findex.jsp&acceptStrength=BASIC on backend server for user authenticaton and once user is authenticated then it again redirect to main URL ( http://132.186.199.243:5001/emi ) to access the application but when we are trying to access the application through VIP ( URL: http://132.186.199.146:5001/emi) we are not getting the login page as the request is not gettting redirected to backend server for user authentication.
Please suggest a solution here.
The problem is that you are in one-armed mode.
So you need to configure client nat.
Without nating the client ip address, the server response goes back directly to the client and bypasses the CSS.
Therefore the client receives a response from an unknown server ip address (not the vip).
So configure a group.
For example
group Client
vip address 132.186.199.146
add destination service Server1
add destination service Server2
active
Also, remove the url command from your content rule.
It is useless in your case and will just make performance worst.
Gilles.
Similar Messages
-
CSS 11501 Load Balancing with X-forwarded-for
Hi,
We have a pair of CSS 11501,
Currently it is using source ip for load balancing and 5 servers as backend , however we have users loggin in using http and based on its source IP (ISP PROXY) , it is forwarded to SERVER A.
However, we have a SSL page and when the client switches over to SSL , it is forwarded to SERVER B/C/D/E based on its source IP ( REAL CLIENT IP) .
This will cause the user to be terminated as the 5 servers are independent and not running in a cluster.
Is there any way that we can use the X-Forwarded-For address to load balance so that when users loging , they are sent to SERVER A (Based on X-Forwarded-For Header IP which translate to REAL CLIENT IP).
This way we are able to also send it back to the same server when it uses SSL.
I believe that we should be able to load balance using X-Forwarded-For IP or to rewrite the X-Forwarded-For IP into client source IP
RegardsHi,
Unfortunately CSS does not support X-Forwarded-For, and even if CSS supports that, this wont work if you are not using SSL termination.
One option that you can use here, is using SSL termination, so you can manage the SSL traffic on HTTP on the CSS, in this way you can use the same HTTP content rule which is the one currently working.
In summary, you will have an SSL content rule that will decrypt the traffic, and this one will use the same content rule that already exist for HTTP, in case that the server is the one doing the redirect to SSL, but this is something that requires testing since depending on the redirect behavior we might have a redirect loop, but without details it is kind of hard to confirm that you will face this with this option.
Another option, which is less complex, is to use a portless content rule, so this content rule will match port 443 and 80 at the same time, and using sticky or balance based on source IP, you will get the same result with less config. The downside is the troubleshooting, but in this way you will have what you want.
content HTTP-HTTPS
vip address 10.198.44.70
advanced-balance sticky-srcip
add service server1
add service server2
add service server3
add service server4
add service server5
protocol tcp
active
Here the content rule is not looking for the destination port, it is just looking for the source IP, and HTTP and HTTPS will end all the time on the same server.
Thanks,
Rodrigo -
CSS arrowpoint cookie load balancing issue
Hi guys,
I need some advice on a load balancing issue.
We have connections hitting the CSS via a proxy environment. As a result i see only one source ip address. I want to use arrowpoint cookies for session stickeyness. However when i enable the rule the tcp session negotiation fails. The CSS sends a TCP/RST which terminates the session.
Here's the rule config:
content HTTP_rule
add service ZSTS299102
add service ZSTS281101
vip address <filtered>
add service LONS299102
add service LONS281101
balance weightedrr
change service ZSTS299102 weight 5
change service ZSTS281101 weight 5
advanced-balance arrowpoint-cookie
protocol tcp
port 80
url "/*"
active
Any help would be much appreciated.Remko,
in L3/L4 the CSS sends the SYN directly to the server.
So when the FIN comes in, we simply pass it to the server.
With L5 the CSS spoofs the connection and we select the server only after receiving the GET.
If there was some delay between the GET and the FIN, the CSS would have time to establish a connection with the server and the FIN could be simply forwarded.
Unfortunately, in this case the FIN is right after the GET with no delay.
Gilles. -
Using a single CSS to load balance multiple services
Is it possible to use a single CSS to load balance 3 different services (server farm) ? That mean the CSS need to advertise 3 VIP
I'm thinking of two scenarios:
1 - configure the CSS to use 4 interfaces: 1 to public, 3 to private (each interface will plug-in to a different vlan/server farm)
2 - configure the CSS to use 2 interfaces: 1 to public, 1 to private (all 3 server farms are in the same vlan)
Will both scenarios work ?
Thanks
--Phillip.Hi Phillip,
both scenarios will work. One CSS can certainly manage more than 3 services! You can even use just one VIP for all traffic, then just create the proper rules to send specific traffic to the corresponding service(s). No need for 3 VIPs.
Regards
-juerg -
Hi all,
During our testing we are getting a load balancing issue. However, one of the agates in our network is has more CPU power than compared to the other agates in our ITS network. The memory on all the agate servers is the same.
Our current issue we are getting is the one agate that has more cpu power but acquires more sessions as compared to the other two agates. It roughly gets 60 more sessions per agate process as compare to the other Agate servers. Does having more cpu on a Agate affect the load balancing on ITS? We are on ITS patch level 19 with the Hotfix.
Thanks,
Jin BaeHello Jin,
yes, at (re)initialize the WGate retrieves the capacity from the AGates.
This is an accumulated number based on CPU performance and the number of CPUs!
The number can be seen in "wgate-status" as the "Capacity" of the AGate.
When running multiprocess Agates the number is retrieved from the MManager and also involves the number of agate-processes.
The WGate dispatches the load in proportion depending on these capacity numbers.
By my knowledge there is no way that these values can be configured (fixed).
Regards,
Fekke -
SIP load balancing issue with ACE 4710
SIP Load balancing Issue with ACE 4710
I have a Cisco ace 4710 with vesion Version A4(2.2). i configued simple SIP load balancing first without stickiness. without stikeiness we are having a problem because bye packet at the was not going to the same server all the time that left our port in used even though user hang up the phone. its happen randmly. i have a total 20 licenced ports and its fill out very quickly. so i dicided to use the stickiness with call-ID but still same issue. below is the config
rserver host CIN-VOX-31
ip address 172.20.130.31
inservice
rserver host CIN-VOX-32
ip address 172.20.130.32
inservice
serverfarm host CIN-VOX
probe SIP-5060
rserver CIN-VOX-31
inservice
rserver CIN-VOX-32
inservice
sticky sip-header Call-ID VOX_SIP_GROUP
timeout 1
timeout activeconns
replicate sticky
serverfarm CIN-VOX
class-map match-all CIN_VOX_L4_CLASS
2 match virtual-address 172.22.12.30 any
class-map match-all CIN_VOX_SIP_L4_CLASS
2 match virtual-address 172.22.12.30 udp eq sip
policy-map type loadbalance sip first-match CIN_VOX_LB_SIP_POLICY
class class-default
sticky-serverfarm VOX_SIP_GROUP
policy-map multi-match GLOBAL_DMZ_POLICY
class CIN_VOX_SIP_L4_CLASS
loadbalance vip inservice
loadbalance policy CIN_VOX_LB_SIP_POLICY
loadbalance vip icmp-reply
class CIN_VOX_L4_CLASS
loadbalance vip inservice
loadbalance policy CIN_VOX_LB_SIP_POLICY
loadbalance vip icmp-reply
interface vlan 20
description VIP_DMZ_VLAN
ip address 172.22.12.4 255.255.255.192
alias 172.22.12.3 255.255.255.192
peer ip address 172.22.12.5 255.255.255.192
access-group input PERMIT-ANY-LB
service-policy input GLOBAL_DMZ_POLICY
could you please help me on this...
thanks
Rakesh PatelI mean there should be one more statement-
class-map type sip loadbalance match-any CIN_VOX_LB_SIP_POLICY
match sip header Call_ID header-value sip:
and that will be called under-
policy-map multi-match GLOBAL_DMZ_POLICY
class CIN_VOX_SIP_L4_CLASS
loadbalance vip inservice
loadbalance policy CIN_VOX_LB_SIP_POLICY
loadbalance vip icmp-reply
is that missing in your config ? -
Hi,
I'm facing a problem with CSS while load balaning for the web application with two servers.
The application is based on activex..
Basically I have two servers running web application for which I have created VIP in the CSS, user hits the VIP address and they access the application, also we use the sticky thing as the application requires the session persistence.. everything is fine, but the problem starts when one of the server fails...
Assume a user hits the VIP address and access the application, due to the sticky thing his session will be with server A (for eg.), now suddenly the server A fails and in that time the user was doing a transcation and inputting some data and after that he press the submit button on the page, as the server A is down the web page gets refreshed and he has to relogin to the application and redo the whole thing what he was doing in that particular transcation...
Now the application guys are telling this problem should not happen as the CSS should be able to take care of the session getting reestablished to the other server B during the server A failure...
Can someone through some lights on this... I'm bit confused now... as what I understand is that the webpage gets refreshed during a server failure because the tcp session id will get changed and the server B will not accept the same tcp session so it reinitiates the new session...
Is my understanding right?? or is there something which we can do on the CSS to avoid this problem...
Regards
Vijay.Hi Gilles,
Thanks for the clarification.
I have two more issues too...
1. The load balancing of the application between the two servers are not even. Actually the traffic from the users keep hitting only one server, I understand the point of sticky method used in our case, but even atleast the connection from another client machine should go to the other server,but it is not the case... traffic from all the clients goes to only one server..
what could be the possible reason for the same...
My config is as below...
service SERVER-1
port 80
protocol tcp
keepalive port 80
keepalive type tcp
redundant-index 4
ip address 10.6.223.87
active
service SERVER-2
port 80
protocol tcp
keepalive port 80
keepalive type tcp
ip address 10.6.223.77
redundant-index 5
active
owner WEB
content WEB
add service SERVER-1
add service SERVER-2
redundant-index 104
vip address 10.6.223.78
protocol tcp
port 80
url "/webretrieve*"
advanced-balance sticky-srcip
active
2. Slow response of the application when users access application through VIP address(CSS), what can be done further in the configuration to improve the performance?? or any thing else I can do...
Regards -
CSS load balancing issue: url isn't accessible even though services are up
service Server1:80
ip address 10.10.10.34
protocol tcp
port 80
keepalive type http
keepalive uri "/test.asp"
active
service Server2:80
protocol tcp
port 80
keepalive type http
keepalive uri "/test.asp"
ip address 10.10.10.35
active
owner Ow1
content LBR1:80
vip address 192.168.1.159
port 80
protocol tcp
url "/*"
balance weightedrr
add service Server1:80
add service Server2:80
advanced-balance sticky-srcip
sticky-inact-timeout 21
flow-timeout-multiplier 8
active
service Server1:80
ip address 10.10.10.34
protocol tcp
port 80
keepalive type http
keepalive uri "/test.asp"
active
service Server2:80
protocol tcp
port 80
keepalive type http
keepalive uri "/test.asp"
ip address 10.10.10.35
active
owner OW1
content LBR2:80
vip address 192.168.1.98
protocol tcp
port 80
url "/*"
balance weightedrr
add service Server1:80
add service Server2:80
advanced-balance sticky-srcip
sticky-inact-timeout 21
flow-timeout-multiplier 8
active
All services are alive all the time and both contexts are alive all the time.
when user tries to access LBR2:80's URL it works all the time. but when user tries to access LBR1:80's url then it works sometimes and some times it doesn't work.
could you advise what the issue could be?When the SYN comes in the CSS will first check for the srcip in the sticky database and if it finds a match will forward to the stuck server. If the source ip is not in the sticky database the request will be load balanced using weightedrr and a server selected. That sticky server will then be added to the sticky database.
If the sticky-srcip is used between 2 content rule, it will use separate sticky table.
You may need to take packet capture to understand what is really failing along with
a following outputs :
sh flow
sh rule Ow1 LBR1:80 ser
regards
Andrew -
CSS 11501 - Network reconnection issue
Using a CSS 11501 switch to configure both Load balancing and server hot standby between two servers (of same config). Clients are connecting to the server using tcp/ip sessions.
The configuration used is shown below:
=========================================
configure
ip route 0.0.0.0 0.0.0.0 10.167.50.1 1
!************************* INTERFACE
interface e2
bridge vlan 9
interface e3
bridge vlan 9
!************************** CIRCUIT
circuit VLAN1
ip address 10.167.50.108 255.255.254.0
circuit VLAN9
ip address 10.167.70.1 255.255.254.0
!************************** SERVICE
service abc_service1
ip address 10.167.70.2
protocol tcp
port 6300
keepalive type tcp
active
service abc_service2
ip address 10.167.70.3
protocol tcp
port 6300
keepalive type tcp
active
!*************************** OWNER
owner xxxxx
content abc_crule
vip address 10.167.50.109
add service abc_service1
add service abc_service2
protocol tcp
port 6300
balance aca
active
===============================
We conducted three tests to verify the hot standby while client sending the data to server app thro tcp/ip.
1) Brought down the service on one server 2) Restarted the OS (Windows 2003) on one server 3) Removed a network cable of one of the server connecting to CSS.
client app lost the conn to the service/server, but when it tried reconnecting to the alternate server, it was successful.
CSS status reflected the actual status of the service/server.
But in third test (removing network conn) the service state changed from "Alive" to "Down" and client app lost conn to the server. Client app tried reconnecting and it was successful connecting to the alternate server.
But when we connected the network cable back, the CSS state was continue to be in "Down". Also,the network connection between CSS and server was not available after reconnection. Also, the status of alternate server changed to "Down", but still client app was successfully transmitting to the alternate server. Stopping the client app and tried reconnecting,
the connection was not going thro.
The connection could be established between CSS and server boxes only after restarting the OS(running windows 2003).
Issues:
1. Service status in CSS continue to be down even after reconnecting the cable with the service running.
2. CSS status of the first service also went down after reconnecting the other server.
3. Client app could not reconnect to any of the servers.
Are we missing any configuration parameter in CSS which will address the above?
regards
ParamParam,
what software version for the CSS ?
Did you see an ARP entry on the server for the CSS ?
Did you see an ARP entry on the CSS for the server ?
is the server directly connected to the CSS or is there an L2 switch inbetween ?
Could you configure 'bridge spanning-tree disabled' on the CSS and see if this improves the situation.
Regards,
Gilles. -
Hi all,
I using the CSS 11500 sg0750004 (07.50.0.04) to balacing requests between two web application servers, but the after applied the configurations, the balancing requests don't occurs as expect, see the configuration applied:
service SAPSRV1_8000
ip address 192.215.13.44
protocol tcp
keepalive method get
keepalive type tcp
keepalive port 8000
keepalive frequency 30
port 8000
string sapsrv1
active
service SAPSRV2_8000
ip address 192.215.13.45
protocol tcp
keepalive method get
keepalive type tcp
keepalive port 8000
keepalive frequency 30
port 8000
string sapsrv2
active
content SAPSRVS_8000
add service SAPSRV1_8000
add service SAPSRV2_8000
vip address 192.215.13.40
advanced-balance cookies
string process-length 7
no persistent
protocol tcp
port 8000
url "/*"
string prefix "sap-hostid="
string range 1 to 1999
active
group SAPSRV1_SAPSRV2Servers
add destination service SAPSRV1_8000
add destination service SAPSRV2_8000
vip address 192.215.13.40
active
So, the VIP Address is exclusively to the group service and the tcp port also is exclusively.
Could you please assist me, why the load balancing doesn't running correctly?
Case need more information, please let me know.
Thank you in advanced.
Sergio LimaHello Sergio,
Can you please elaborate on the issues you are experiencing? When you mention the VIP is not working as expected is that due to the fact that the connection simply hangs? Is the CSS actually balancing the inbound traffic? Or is it successfully balancing the traffic, but not maintaining session persistence based on the server-side cookie? Do you know if the session cookie will be embedded within the HTTP header or the URL string? If you are unsure you can always change the "advanced-balance" method to "cookie-url". Can you ping the VIP address?
Also, can you confirm that the server-side cookie should be located directly after the following name "sap-hostid="?
Ex:
sap-hostid=sapsrv1
The reason why I ask is you do not have a string skip-length defined so the CSS will attempt to locate the server-side cookie string after the prefix.
Also, have you verified the services have passed their keep-alive check? This can be performed by running the following command:
show service-summary
Both of the services should "alive" on their keep-alive check.
Also, on your service configuration you do not require the "keepalive method get" command since the services are setup to perform a tcp socket connection for their keep-alive check and not a keepalive type of http to a URI page.
service SAPSRV1_8000
ip address 192.215.13.44
protocol tcp
keepalive type tcp
keepalive port 8000
keepalive frequency 30
port 8000
string sapsrv1
active
service SAPSRV2_8000
ip address 192.215.13.45
protocol tcp
keepalive type tcp
keepalive port 8000
keepalive frequency 30
port 8000
string sapsrv2
active
Also, based on the service and content rule configuration it would seem as though your CSS has been deployed in Bridged Mode (single Circuit VLAN). That being said, the Group Rule will allow users from the 192.215.13.0/24 network to establish a port 8000 connection to the 192.215.13.40 VIP. However, please be advised external clients establishing a connection to the 192.215.13.40 VIP will "appear" as the .40 VIP address within the destination server logs. The CSS will SNAT the inbound client traffic and masquerade their true source address as the VIP. Unfortunately, the CSS does not support the X-Forwarded-For HTTP header option. However, this can be bypassed through the use of ACLs on the CSS.
- Jason -
Load-balancing issues with iPlanet and multiple clusters
We're in performance test of a large-scale clustered deployment based on WLS 5.1sp10.
Due to scalability/functionality issues, some of which we've seen firsthand and
some of which we've been informed of by associates as well as BEA representatives,
we've chosen to implement multiple clusters with a maximum of three nodes each.
These clusters will be fronted by a web server tier consisting of iPlanet servers
using the proxy plugin.
Due to hardware constraints (both in test and in production), however, we've configured
the iPlanet servers to route across the multiple clusters. In our test environment,
for instance, we've got a single iPlanet server routing across two 3-node clusters,
and the configuration in obj.conf is as follows:
<Object name="application" ppath="*/application">
Service fn="wl-proxy" \
WebLogicCluster="clusterA_1:9990,clusterB_1:9991,clusterA_2:9990,clusterB_2:9991,clusterA_3:9990,
clusterB_3:9991" \
CookieName="ApplicationSession"
</Object>
Our issue is that the load-balancing doesn't appear to work across the clusters.
We're seeing one cluster get about 90% of the load, while the other receives
only 10%.
So, the question (finally!) is: Is this configuration correct (i.e., will it
work according to the logic of the proxy plugin), and is it appropriate for this
situation? Are there other alternative approaches that anyone can recommend?
Thanks in advance,
cramerI use weblogic6.1 with sp2+windows 2000.I develop a web application and deploy
it to cluster.Through HttpClusterServlets proxy of weblogic I found that a server
in cluster almost get 95% of requests but another only get 5% of requests.Why???
I don't set any special parameter.And the weight of the two clustered server is
equal.I use round-robin arithmetic.
Thanks!
"cramer" <[email protected]> wrote:
>
We're in performance test of a large-scale clustered deployment based
on WLS 5.1sp10.
Due to scalability/functionality issues, some of which we've seen firsthand
and
some of which we've been informed of by associates as well as BEA representatives,
we've chosen to implement multiple clusters with a maximum of three nodes
each.
These clusters will be fronted by a web server tier consisting of iPlanet
servers
using the proxy plugin.
Due to hardware constraints (both in test and in production), however,
we've configured
the iPlanet servers to route across the multiple clusters. In our test
environment,
for instance, we've got a single iPlanet server routing across two 3-node
clusters,
and the configuration in obj.conf is as follows:
<Object name="application" ppath="*/application">
Service fn="wl-proxy" \
WebLogicCluster="clusterA_1:9990,clusterB_1:9991,clusterA_2:9990,clusterB_2:9991,clusterA_3:9990,
clusterB_3:9991" \
CookieName="ApplicationSession"
</Object>
Our issue is that the load-balancing doesn't appear to work across the
clusters.
We're seeing one cluster get about 90% of the load, while the other
receives
only 10%.
So, the question (finally!) is: Is this configuration correct (i.e.,
will it
work according to the logic of the proxy plugin), and is it appropriate
for this
situation? Are there other alternative approaches that anyone can recommend?
Thanks in advance,
cramer -
Could not retrieve Enterprise Global Template - Load balancer issue
Hi,
We have 4 Project Server 2010 servers. The 4 web servers are load balanced by networking team with sticky session configured.
When we try to connect to the Project Server using MPP 2007 SP2, it fails saying 'Could not retrieve Enterprise Global template'. It works perfect when we point to a specific server by specifying the IP address for server name in the 'hosts'
file.
Earlier we observed some errors in the event viewer related to the SharePoint's internal load balancer for which restarted the 'Project Server Application' on each web server and it got fixed.
Now, the only entries that we see related to load balancer are as mentioned below as Information (not errors).
SharePoint Web Services Round Robin Service Load Balancer Event: Initialization
Process Name: w3wp
Process ID: 15080
AppDomain Name: /LM/W3SVC/539065287/ROOT-1-130462463500778047
AppDomain ID: 2
Service Application Uri: urn:schemas-microsoft-com:sharepoint:service:ae7c7ee5c09b4e8198bdbb1ecb8c1c1b#authority=urn:uuid:9f626d347784423eb14bde4a1f4d13fc&authority=https://lonms12546:32844/Topology/topology.svc
Active Endpoints: 4
Failed Endpoints:0
Endpoint List:
http://lonxxx2532:32843/ae7c7ee5c09b4e8198bdbb1ecb8c1c1b/PSI
http://lonxxx2545:32843/ae7c7ee5c09b4e8198bdbb1ecb8c1c1b/PSI
http://lonxxx2546:32843/ae7c7ee5c09b4e8198bdbb1ecb8c1c1b/PSI
http://lonxxx2566:32843/ae7c7ee5c09b4e8198bdbb1ecb8c1c1b/PSI
Could the issue be due to network load balancer?
Could the issue be due to Sticky session configuration on the load balancer.?
How can we get to the root cause of the issue?
Which logging category should we set to 'Verbose' that can give us some hint.
Update: We tried to capture the requests through fiddler and observed that when fiddler is running on the client computer then the connection works perfectly fine even through the load balancer. Probably fiddler is reformatting the SOAP
envelop of the web service requests the way it should before sending the request to the server.
If we do not run fiddler and run some other similar tool (like Charles) then it again gives the issue and the request stucks at /PWA/_vti_bin/psi/winproj.asmx
We ran Wireshark on the servers and found the following for that web service call:
[TCP Previous segment not captured] Continuation or non-HTTP traffic.
Please let me know if someone could provide any hint what can be done next.
Regards, Amit GuptaThere are several ways to configure your load balancer. I would suggest that you work with the network engineer, the load balancer vendor and your project administrator to resolve this issue.
Basically you need URL to be resolved correctly. Also, I don't believe PS2007 did a good job handling load balancing, so you may need to bring someone in good with IIS and see they can tweek IIS to manage the cache better.
As I go back and look at your analysis, I think you should probably look at upgrading to Project Server 2013. They made some improvement in load balancing and the management of distributive cache.
I assume you have 4 WFE because you have thousands of project users. Roughly how many you have? Over 1000, over 5000
Have you tried to see if using two load balancing work? How about just one front end. I often see companies scaling SharePoint and Project server to extremes.
Michael Wharton, MVP, MBA, PMP, MCT, MCTS, MCSD, MCSE+I, MCDBA
Website http://www.WhartonComputer.com
Blog http://MyProjectExpert.com contains my field notes and SQL queries -
Cisco ACE20 Load balancing issues
Dear All,
I have a problem with the ACE 20 load balance
To start with following is our architectural request flow:
Load Balancer --> Webseal /(reverse proxy) --> HTTP Server --> Portal Server
We have Hardware Load Balancer Cisco ACE20.
When we access our portal from Webseal server it works totally fine without any issue, but when we access the same application using ACE we face the following issues:
1) Some of the links on do not work. For eg: We have a link "subscribe" which points to https://intranet/abc/wps/portal/subscription , whenever we click on this link, the request is directed to https://intranet/abc/wps/portal i.e homepage
2) URL redirection does not work We have some links which have a url forwarding or redirection for example when we open https://intranet/ef/quickplace it forwards the requests to https://intranet/ef/quickplace/Main.nsf?opendocument....., but this redirection fails and again the request is thrown to homepage i.e https://intranet/abc/wps/portal
3) The response of the request and the overall portal when accessed via ACE is very sluggish and it takes 20 seconds for homepage to load, whereas the homepage loads in 4 secs when accessed via webseal.
below is the ACE details. Kindly provide the your inputs to resolve this issue. will rate all the suggestions
Hardware Product Number: ACE20-MOD-K9
Card Index: 207
Hardware Rev: 2.3
Feature Bits: 0000 0002
Slot No. : 7
Type: ACE
Software
loader: Version 12.2[120]
system: Version A2(1.4) [build 3.0(0)A2(1.4) adbuild_11:54:12-2009/03/05_/a
uto/adbu-rel2/rel_a2_1_4_throttle/REL_3_0_0_A2_1_4]
system image file: [LCP] disk0:c6ace-t1k9-mz.A2_1_4.bin
installed license: ACE-SEC-LIC-K9Dear all,
Please suggest on this issue.
BS -
Hello,
We are having a difficult time getting our app to work correctly on our load balanced system. Any help / suggestions would be greatly appreciated.
We have a very basic load balancer which is in round robin mode (this cannot be changed), two separate vms, each with an instance of apache(2.0.54) and tomcat(6.0.14). Each apache talks only to the tomcat on the same vm and the tomcats are configured to session replicate with each other (which is happening).
When I log in to the app and start pressing a few buttons there are no problems for a little while. I then leave the screen idle for 1 minute and resume pressing buttons. The main session bean which holds information about where the user is and other key information, gets its constructor called and is set back to default and the page goes back to the main menu. Immediately before the bean is reset, the logs show the following:
[MyApp] 17 Jun 2009 15:33:27,514 WARN: [ajp-8009-2 LoggerListener.onApplicationEvent(60)] : Authentication event AuthenticationSuccessEvent: v; details: (etc etc removed…)This is what the two logs look like:
VM1 - Authentication event
VM2 - Main menu
VM2 - Presss a button – progress a screen
VM2 - Presss a button – progress a screen
VM2 - Presss a button – progress a screen
VM2 - Presss a button – progress a screen
[wait 1 min]
VM1 - Authentication event
VM1 - Bean reset
Processing continues, but screen is redirected to main menu
We have the distributable tag in the web.xml file and javax.faces.STATE_SAVING_METHOD is set to client. Its set to client as the app will not work at all with it set to server (keeps asking for the user to re-log in).
Thank you,
VictoriaLooks like a Tomcat issue to me. JSF is not going to timeout in 1 minute. You might want to check your Tomcat replication settings. Note try to do a very simple loadbalancing application that just echos the Tomcat is executing on.
-
Load Balancing Issues SOMEBODY HELP ME!!
Good Morning.
A few days ago we implemented Load Balancing in our company, I printed a step by step procedure from MS and just follow it thinking that once I did that everything was going to be ok, but I am some issues that I managed to fix, but now I am stock in one
that I just can't figure it out, here I go.
When regular users try to connect to the Farm using the external IP they can't connect, we checked firewall seems to be ok, we check the configuration we did and we didn't miss any step, NOW here is the crazy part, when we use our Admin ID we can connect,
so I thought maybe is an Active Directory thing, but I don't know where to look or what to do so my questions are,
Can this be a licensing issue?
Do I have to have my TSBroker as part of my group of PC in the firewall?
Can it be a certificate issue? (not too sure because I can connect as an admin)
Can it be permissions to log in to the servers?
My co-worked is telling me now that if TS Broker sent them to TS1 they can connect but if TSBroker send them to the other two members of the farms they can't connect, TS1 is the original TS before this whole Load Balancing thing.
we tried so many solutions that we can find online and come up with and nothing seems to be working, so what do I do? What did I do wrong when I configure the Load balancing? is there any step beside what MS told me that I am missing...
PLEASE HELP!!
Thank you..Hi Rodrigo,
Thank you for posting in Windows Server Forum.
What’s your server OS in your environment?
Firstly see that, if you have not set up RD Licensing server and don’t have RDS CAL then your administrator can only get access for RDP connection (only 2 connection for Admin purpose). Now if you want more than 2 connection you need to setup RD Licensing server,
activate it, purchase RDS CAL and install it. After installing, you need to see that your user have enough permission to access RDS server and your user must be added under “Remote Desktop User” local group under RDS Server.
As you have commented that your admin can able to connect so I think you must have the issue with user permission, please go through above points and check the result.
Please check below article for more details.
1. TS Session Broker Load Balancing Step-by-Step Guide (Server 2008)
2. Checklist: Create a Load-Balanced RD Session Host Server Farm by Using RD Connection Broker (Server 2008 R2)
Hope it helps!
Thanks.
Dharmesh Solanki
Maybe you are looking for
-
Doubt in the Oracle BPM Tutorial
Hi All, Iam new to this Oracle BPM.. Moreover i have installed the studio and other files... But at the point of working with the TUTORIAL iam getting an error as... All arguments must be fulfilled when defining the incoming argument mapping of a scr
-
Nokia 6230i Malfunction problem
my phone is nokia 6230i and i have DKU-2... i downloaded new version of PC suite...when i try to connect my phone to my PC, there's an error popping "ONE OF THE USB DEVICES ATTACHED TO THIS COMPUTER HAS MALFUNCTIONED..." pls help me im tired searchin
-
Report painter.....PCA reports & historical data issue
I need to create a report painter PCA report for P&L that will do the foll: --> Consolidated P&L for 2 company codes --> Company code 1 - YTD figures to include full year --> Company code 2 - YTD numbers to include only 2nd half year as company 2 was
-
What folder do I put new soundeffect mp3 files in?
I have gotten some free sound effects from iCreate magazine on the enclosed CD. They are mp3 files. Where would I put additional mp3 files so they are available in iMovie, Garage Band in the iLife Media browser? Thanks!
-
I can't download illustartor cs6 as part of my master collection trial. Whenever i try to re install this error message comes up saying that language pack couldnt be installed.