CSS 11501 Load Balancing Issue

Similar Messages

• CSS 11501 Load Balancing with X-forwarded-for

  Hi,
  We have a pair of CSS 11501,
  Currently it is using source ip for load balancing and 5 servers as backend , however we have users loggin in using http and based on its source IP (ISP PROXY) , it is forwarded to SERVER A.
  However, we have a SSL page and when the client switches over to SSL , it is forwarded to SERVER B/C/D/E  based on its source IP ( REAL CLIENT IP) .
  This will cause the user to be terminated as the 5 servers are independent and not running in a cluster.
  Is there any way that we can use the X-Forwarded-For address to load balance so that when users loging , they are sent to SERVER A (Based on X-Forwarded-For Header IP which translate to REAL CLIENT IP).
  This way we are able to also send it back to the same server when it uses SSL.
  I believe that we should be able to load balance using X-Forwarded-For IP or to rewrite the X-Forwarded-For IP into client source IP
  Regards

  Hi,
  Unfortunately CSS does not support X-Forwarded-For, and even if CSS supports that, this wont work if you are not using SSL termination.
  One option that you can use here, is using SSL termination, so you can manage the SSL traffic on HTTP on the CSS, in this way you can use the same HTTP content rule which is the one currently working.
  In summary, you will have an SSL content rule that will decrypt the traffic, and this one will use the same content rule that already exist for HTTP, in case that the server is the one doing the redirect to SSL, but this is something that requires testing since depending on the redirect behavior we might have a redirect loop, but without details it is kind of hard to confirm that you will face this with this option.
  Another option, which is less complex, is to use a portless content rule, so this content rule will match port 443 and 80 at the same time, and using sticky or balance based on source IP, you will get the same result with less config. The downside is the troubleshooting, but in this way you will have what you want.
    content HTTP-HTTPS
      vip address 10.198.44.70
      advanced-balance sticky-srcip
      add service server1
      add service server2
      add service server3
      add service server4
      add service server5
      protocol tcp
      active
  Here the content rule is not looking for the destination port, it is just looking for the source IP, and HTTP and HTTPS will end all the time on the same server.
  Thanks,
  Rodrigo

• CSS arrowpoint cookie load balancing issue

  Hi guys,
  I need some advice on a load balancing issue.
  We have connections hitting the CSS via a proxy environment. As a result i see only one source ip address. I want to use arrowpoint cookies for session stickeyness. However when i enable the rule the tcp session negotiation fails. The CSS sends a TCP/RST which terminates the session.
  Here's the rule config:
  content HTTP_rule
  add service ZSTS299102
  add service ZSTS281101
  vip address <filtered>
  add service LONS299102
  add service LONS281101
  balance weightedrr
  change service ZSTS299102 weight 5
  change service ZSTS281101 weight 5
  advanced-balance arrowpoint-cookie
  protocol tcp
  port 80
  url "/*"
  active
  Any help would be much appreciated.

  Remko,
  in L3/L4 the CSS sends the SYN directly to the server.
  So when the FIN comes in, we simply pass it to the server.
  With L5 the CSS spoofs the connection and we select the server only after receiving the GET.
  If there was some delay between the GET and the FIN, the CSS would have time to establish a connection with the server and the FIN could be simply forwarded.
  Unfortunately, in this case the FIN is right after the GET with no delay.
  Gilles.

• Using a single CSS to load balance multiple services

  Is it possible to use a single CSS to load balance 3 different services (server farm) ? That mean the CSS need to advertise 3 VIP
  I'm thinking of two scenarios:
  1 - configure the CSS to use 4 interfaces: 1 to public, 3 to private (each interface will plug-in to a different vlan/server farm)
  2 - configure the CSS to use 2 interfaces: 1 to public, 1 to private (all 3 server farms are in the same vlan)
  Will both scenarios work ?
  Thanks
  --Phillip.

  Hi Phillip,
  both scenarios will work. One CSS can certainly manage more than 3 services! You can even use just one VIP for all traffic, then just create the proper rules to send specific traffic to the corresponding service(s). No need for 3 VIPs.
  Regards
  -juerg

• ITS load balancing issue

  Hi all,
  During our testing we are getting a load balancing issue.  However, one of the agates in our network is has more CPU power than compared to the other agates in our ITS network.  The memory on all the agate servers is the same. 
  Our current issue we are getting is the one agate that has more cpu power but acquires more sessions as compared to the other two agates.  It roughly gets 60 more sessions per agate process as compare to the other Agate servers.  Does having more cpu on a Agate affect the load balancing on ITS?  We are on ITS patch level 19 with the Hotfix. 
  Thanks,
  Jin Bae

  Hello Jin,
  yes, at (re)initialize the WGate retrieves the capacity from the AGates.
  This is an accumulated number based on CPU performance and the number of CPUs!
  The number can be seen in "wgate-status" as the "Capacity" of the AGate.
  When running multiprocess Agates the number is retrieved from the MManager and also involves the number of agate-processes.
  The WGate dispatches the load in proportion depending on these capacity numbers.
  By my knowledge there is no way that these values can be configured (fixed).
  Regards,
    Fekke

• SIP load balancing issue with ACE 4710

  SIP Load balancing Issue with ACE 4710
  I have a Cisco ace 4710 with vesion Version A4(2.2). i configued simple SIP load balancing first without stickiness. without stikeiness we are having a problem because bye packet at the was not going to the same server all the time that left our port in used even though user hang up the phone. its happen randmly. i have a total 20 licenced ports and its fill out very quickly. so i dicided to use the stickiness with call-ID but still same issue. below is the config
  rserver host CIN-VOX-31
    ip address 172.20.130.31
    inservice
  rserver host CIN-VOX-32
    ip address 172.20.130.32
    inservice
  serverfarm host CIN-VOX
    probe SIP-5060
    rserver CIN-VOX-31
      inservice
    rserver CIN-VOX-32
      inservice
  sticky sip-header Call-ID VOX_SIP_GROUP
    timeout 1
    timeout activeconns
    replicate sticky
    serverfarm CIN-VOX
  class-map match-all CIN_VOX_L4_CLASS
    2 match virtual-address 172.22.12.30 any
  class-map match-all CIN_VOX_SIP_L4_CLASS
    2 match virtual-address 172.22.12.30 udp eq sip
  policy-map type loadbalance sip first-match CIN_VOX_LB_SIP_POLICY
    class class-default
      sticky-serverfarm VOX_SIP_GROUP
  policy-map multi-match GLOBAL_DMZ_POLICY
     class CIN_VOX_SIP_L4_CLASS
      loadbalance vip inservice
      loadbalance policy CIN_VOX_LB_SIP_POLICY
      loadbalance vip icmp-reply
    class CIN_VOX_L4_CLASS
      loadbalance vip inservice
      loadbalance policy CIN_VOX_LB_SIP_POLICY
      loadbalance vip icmp-reply
  interface vlan 20
    description VIP_DMZ_VLAN
    ip address 172.22.12.4 255.255.255.192
    alias 172.22.12.3 255.255.255.192
    peer ip address 172.22.12.5 255.255.255.192
    access-group input PERMIT-ANY-LB
    service-policy input GLOBAL_DMZ_POLICY
  could you please help me on this...
  thanks
  Rakesh Patel

  I mean there should be one more statement-
  class-map type sip loadbalance match-any CIN_VOX_LB_SIP_POLICY 
  match sip header Call_ID header-value sip:
  and that will be called under-
  policy-map multi-match GLOBAL_DMZ_POLICY
     class CIN_VOX_SIP_L4_CLASS
      loadbalance vip inservice
      loadbalance policy CIN_VOX_LB_SIP_POLICY
      loadbalance vip icmp-reply
  is that missing in your config ?

• CSS load balancing issue

  Hi,
  I'm facing a problem with CSS while load balaning for the web application with two servers.
  The application is based on activex..
  Basically I have two servers running web application for which I have created VIP in the CSS, user hits the VIP address and they access the application, also we use the sticky thing as the application requires the session persistence.. everything is fine, but the problem starts when one of the server fails...
  Assume a user hits the VIP address and access the application, due to the sticky thing his session will be with server A (for eg.), now suddenly the server A fails and in that time the user was doing a transcation and inputting some data and after that he press the submit button on the page, as the server A is down the web page gets refreshed and he has to relogin to the application and redo the whole thing what he was doing in that particular transcation...
  Now the application guys are telling this problem should not happen as the CSS should be able to take care of the session getting reestablished to the other server B during the server A failure...
  Can someone through some lights on this... I'm bit confused now... as what I understand is that the webpage gets refreshed during a server failure because the tcp session id will get changed and the server B will not accept the same tcp session so it reinitiates the new session...
  Is my understanding right?? or is there something which we can do on the CSS to avoid this problem...
  Regards
  Vijay.

  Hi Gilles,
  Thanks for the clarification.
  I have two more issues too...
  1. The load balancing of the application between the two servers are not even. Actually the traffic from the users keep hitting only one server, I understand the point of sticky method used in our case, but even atleast the connection from another client machine should go to the other server,but it is not the case... traffic from all the clients goes to only one server..
  what could be the possible reason for the same...
  My config is as below...
  service SERVER-1
  port 80
  protocol tcp
  keepalive port 80
  keepalive type tcp
  redundant-index 4
  ip address 10.6.223.87
  active
  service SERVER-2
  port 80
  protocol tcp
  keepalive port 80
  keepalive type tcp
  ip address 10.6.223.77
  redundant-index 5
  active
  owner WEB
  content WEB
  add service SERVER-1
  add service SERVER-2
  redundant-index 104
  vip address 10.6.223.78
  protocol tcp
  port 80
  url "/webretrieve*"
  advanced-balance sticky-srcip
  active
  2. Slow response of the application when users access application through VIP address(CSS), what can be done further in the configuration to improve the performance?? or any thing else I can do...
  Regards

• CSS load balancing issue: url isn't accessible even though services are up

  service Server1:80
    ip address 10.10.10.34
    protocol tcp
    port 80
    keepalive type http
    keepalive uri "/test.asp"
    active
  service Server2:80
    protocol tcp
    port 80
    keepalive type http
    keepalive uri "/test.asp"
    ip address 10.10.10.35
    active
  owner Ow1
  content LBR1:80
      vip address 192.168.1.159
      port 80
      protocol tcp
      url "/*"
      balance weightedrr
      add service Server1:80
      add service Server2:80
      advanced-balance sticky-srcip
      sticky-inact-timeout 21
      flow-timeout-multiplier 8
      active
  service Server1:80
    ip address 10.10.10.34
    protocol tcp
    port 80
    keepalive type http
    keepalive uri "/test.asp"
    active
  service Server2:80
    protocol tcp
    port 80
    keepalive type http
    keepalive uri "/test.asp"
    ip address 10.10.10.35
    active
  owner OW1
    content LBR2:80
      vip address 192.168.1.98
      protocol tcp
      port 80
      url "/*"
      balance weightedrr
      add service Server1:80
      add service Server2:80
      advanced-balance sticky-srcip
      sticky-inact-timeout 21
      flow-timeout-multiplier 8
      active
  All services are alive all the time and both contexts are alive all the time.
  when user tries to access LBR2:80's URL it works all the time. but when user tries to access LBR1:80's url then it works sometimes and some times it doesn't work.
  could you advise what the issue could be?

  When the SYN comes in the CSS will first check for the srcip in the sticky database and if it finds a match will forward to the stuck server. If the source ip is not in the sticky database the request will be load balanced using weightedrr and a server selected. That sticky server will then be added to the sticky database.
  If the sticky-srcip is used between 2 content rule, it will use separate sticky table.
  You may need to take packet capture to understand what is really failing along with
  a following outputs :
  sh flow
  sh rule Ow1 LBR1:80 ser
  regards
  Andrew

• CSS 11501 - Network reconnection issue

  Using a CSS 11501 switch to configure both Load balancing and server hot standby between two servers (of same config). Clients are connecting to the server using tcp/ip sessions.
  The configuration used is shown below:
  =========================================
  configure
  ip route 0.0.0.0 0.0.0.0 10.167.50.1 1
  !************************* INTERFACE
  interface e2
  bridge vlan 9
  interface e3
  bridge vlan 9
  !************************** CIRCUIT
  circuit VLAN1
  ip address 10.167.50.108 255.255.254.0
  circuit VLAN9
  ip address 10.167.70.1 255.255.254.0
  !************************** SERVICE
  service abc_service1
  ip address 10.167.70.2
  protocol tcp
  port 6300
  keepalive type tcp
  active
  service abc_service2
  ip address 10.167.70.3
  protocol tcp
  port 6300
  keepalive type tcp
  active
  !*************************** OWNER
  owner xxxxx
  content abc_crule
  vip address 10.167.50.109
  add service abc_service1
  add service abc_service2
  protocol tcp
  port 6300
  balance aca
  active
  ===============================
  We conducted three tests to verify the hot standby while client sending the data to server app thro tcp/ip.
  1) Brought down the service on one server 2) Restarted the OS (Windows 2003) on one server 3) Removed a network cable of one of the server connecting to CSS.
  client app lost the conn to the service/server, but when it tried reconnecting to the alternate server, it was successful.
  CSS status reflected the actual status of the service/server.
  But in third test (removing network conn) the service state changed from "Alive" to "Down" and client app lost conn to the server. Client app tried reconnecting and it was successful connecting to the alternate server.
  But when we connected the network cable back, the CSS state was continue to be in "Down". Also,the network connection between CSS and server was not available after reconnection. Also, the status of alternate server changed to "Down", but still client app was successfully transmitting to the alternate server. Stopping the client app and tried reconnecting,
  the connection was not going thro.
  The connection could be established between CSS and server boxes only after restarting the OS(running windows 2003).
  Issues:
  1. Service status in CSS continue to be down even after reconnecting the cable with the service running.
  2. CSS status of the first service also went down after reconnecting the other server.
  3. Client app could not reconnect to any of the servers.
  Are we missing any configuration parameter in CSS which will address the above?
  regards
  Param

  Param,
  what software version for the CSS ?
  Did you see an ARP entry on the server for the CSS ?
  Did you see an ARP entry on the CSS for the server ?
  is the server directly connected to the CSS or is there an L2 switch inbetween ?
  Could you configure 'bridge spanning-tree disabled' on the CSS and see if this improves the situation.
  Regards,
  Gilles.

• CSS11500 Load Balancing issue

  Hi all,
  I using the CSS 11500 sg0750004 (07.50.0.04) to balacing requests between two web application servers, but the after applied the configurations, the balancing requests don't occurs as expect, see the configuration applied:
  service SAPSRV1_8000
    ip address 192.215.13.44
    protocol tcp
    keepalive method get
    keepalive type tcp
    keepalive port 8000
    keepalive frequency 30
    port 8000
    string  sapsrv1
    active
  service SAPSRV2_8000
    ip address 192.215.13.45
    protocol tcp
    keepalive method get
    keepalive type tcp
    keepalive port 8000
    keepalive frequency 30
    port 8000
    string  sapsrv2
    active
  content SAPSRVS_8000
      add service SAPSRV1_8000
      add service SAPSRV2_8000
      vip address 192.215.13.40
      advanced-balance cookies
      string process-length 7
      no persistent
      protocol tcp
      port  8000
      url "/*"
      string prefix "sap-hostid="
      string range 1 to 1999
      active
  group SAPSRV1_SAPSRV2Servers
    add destination service SAPSRV1_8000
    add destination service SAPSRV2_8000
    vip address 192.215.13.40
    active
  So, the VIP Address is exclusively to the group service and the tcp port also is exclusively.
  Could you please assist me, why the load balancing doesn't running correctly?
  Case need more information, please let me know.
  Thank you in advanced.
  Sergio Lima

  Hello Sergio,
  Can you please elaborate on the issues you are experiencing? When you mention the VIP is not working as expected is that due to the fact that the connection simply hangs? Is the CSS actually balancing the inbound traffic?  Or is it successfully balancing the traffic, but not maintaining session persistence based on the server-side cookie?  Do you know if the session cookie will be embedded within the HTTP header or the URL string?  If you are unsure you can always change the "advanced-balance" method to "cookie-url". Can you ping the VIP address?
  Also, can you confirm that the server-side cookie should be located directly after the following name "sap-hostid="?
  Ex:
  sap-hostid=sapsrv1
  The reason why I ask is you do not have a string skip-length defined so the CSS will attempt to locate the server-side cookie string after the prefix.
  Also, have you verified the services have passed their keep-alive check? This can be performed by running the following command:
  show service-summary
  Both of the services should "alive" on their keep-alive check.
  Also, on your service configuration you do not require the "keepalive method get" command since the services are setup to perform a tcp socket connection for their keep-alive check and not a keepalive type of http to a URI page.
  service SAPSRV1_8000
    ip address 192.215.13.44
    protocol tcp
    keepalive type tcp
    keepalive port 8000
    keepalive frequency 30
    port 8000
    string  sapsrv1
    active
  service SAPSRV2_8000
    ip address 192.215.13.45
    protocol tcp
    keepalive type tcp
    keepalive port 8000
    keepalive frequency 30
    port 8000
    string  sapsrv2
    active
  Also, based on the service and content rule configuration it would seem as though your CSS has been deployed in Bridged Mode (single Circuit VLAN).  That being said, the Group Rule will allow users from the 192.215.13.0/24 network to establish a port 8000 connection to the 192.215.13.40 VIP. However, please be advised external clients establishing a connection to the 192.215.13.40 VIP will "appear" as the .40 VIP address within the destination server logs.  The CSS will SNAT the inbound client traffic and masquerade their true source address as the VIP. Unfortunately, the CSS does not support the X-Forwarded-For HTTP header option.  However, this can be bypassed through the use of ACLs on the CSS.
  - Jason

• Load-balancing issues with iPlanet and multiple clusters

  We're in performance test of a large-scale clustered deployment based on WLS 5.1sp10.
  Due to scalability/functionality issues, some of which we've seen firsthand and
  some of which we've been informed of by associates as well as BEA representatives,
  we've chosen to implement multiple clusters with a maximum of three nodes each.
  These clusters will be fronted by a web server tier consisting of iPlanet servers
  using the proxy plugin.
  Due to hardware constraints (both in test and in production), however, we've configured
  the iPlanet servers to route across the multiple clusters. In our test environment,
  for instance, we've got a single iPlanet server routing across two 3-node clusters,
  and the configuration in obj.conf is as follows:
  <Object name="application" ppath="*/application">
  Service fn="wl-proxy" \
  WebLogicCluster="clusterA_1:9990,clusterB_1:9991,clusterA_2:9990,clusterB_2:9991,clusterA_3:9990,
  clusterB_3:9991" \
  CookieName="ApplicationSession"
  </Object>
  Our issue is that the load-balancing doesn't appear to work across the clusters.
  We're seeing one cluster get about 90% of the load, while the other receives
  only 10%.
  So, the question (finally!) is: Is this configuration correct (i.e., will it
  work according to the logic of the proxy plugin), and is it appropriate for this
  situation? Are there other alternative approaches that anyone can recommend?
  Thanks in advance,
  cramer

  I use weblogic6.1 with sp2+windows 2000.I develop a web application and deploy
  it to cluster.Through HttpClusterServlets proxy of weblogic I found that a server
  in cluster almost get 95% of requests but another only get 5% of requests.Why???
  I don't set any special parameter.And the weight of the two clustered server is
  equal.I use round-robin arithmetic.
  Thanks!
  "cramer" <[email protected]> wrote:
  >
  We're in performance test of a large-scale clustered deployment based
  on WLS 5.1sp10.
  Due to scalability/functionality issues, some of which we've seen firsthand
  and
  some of which we've been informed of by associates as well as BEA representatives,
  we've chosen to implement multiple clusters with a maximum of three nodes
  each.
  These clusters will be fronted by a web server tier consisting of iPlanet
  servers
  using the proxy plugin.
  Due to hardware constraints (both in test and in production), however,
  we've configured
  the iPlanet servers to route across the multiple clusters. In our test
  environment,
  for instance, we've got a single iPlanet server routing across two 3-node
  clusters,
  and the configuration in obj.conf is as follows:
  <Object name="application" ppath="*/application">
  Service fn="wl-proxy" \
  WebLogicCluster="clusterA_1:9990,clusterB_1:9991,clusterA_2:9990,clusterB_2:9991,clusterA_3:9990,
  clusterB_3:9991" \
  CookieName="ApplicationSession"
  </Object>
  Our issue is that the load-balancing doesn't appear to work across the
  clusters.
  We're seeing one cluster get about 90% of the load, while the other
  receives
  only 10%.
  So, the question (finally!) is: Is this configuration correct (i.e.,
  will it
  work according to the logic of the proxy plugin), and is it appropriate
  for this
  situation? Are there other alternative approaches that anyone can recommend?
  Thanks in advance,
  cramer

• Could not retrieve Enterprise Global Template - Load balancer issue

  Hi,
  We have 4 Project Server 2010 servers. The 4 web servers are load balanced by networking team with sticky session configured.
  When we try to connect to the Project Server using MPP 2007 SP2, it fails saying 'Could not retrieve Enterprise Global template'. It works perfect when we point to a specific server by specifying the IP address for server name in the 'hosts'
  file.
  Earlier we observed some errors in the event viewer related to the SharePoint's internal load balancer for which restarted the 'Project Server Application' on each web server and it got fixed.
  Now, the only entries that we see related to load balancer are as mentioned below as Information (not errors).
  SharePoint Web Services Round Robin Service Load Balancer Event: Initialization
  Process Name: w3wp
  Process ID: 15080
  AppDomain Name: /LM/W3SVC/539065287/ROOT-1-130462463500778047
  AppDomain ID: 2
  Service Application Uri: urn:schemas-microsoft-com:sharepoint:service:ae7c7ee5c09b4e8198bdbb1ecb8c1c1b#authority=urn:uuid:9f626d347784423eb14bde4a1f4d13fc&authority=https://lonms12546:32844/Topology/topology.svc
  Active Endpoints: 4
  Failed Endpoints:0
  Endpoint List:
  http://lonxxx2532:32843/ae7c7ee5c09b4e8198bdbb1ecb8c1c1b/PSI
  http://lonxxx2545:32843/ae7c7ee5c09b4e8198bdbb1ecb8c1c1b/PSI
  http://lonxxx2546:32843/ae7c7ee5c09b4e8198bdbb1ecb8c1c1b/PSI
  http://lonxxx2566:32843/ae7c7ee5c09b4e8198bdbb1ecb8c1c1b/PSI
  Could the issue be due to network load balancer?
  Could the issue be due to Sticky session configuration on the load balancer.?
  How can we get to the root cause of the issue?
  Which logging category should we set to 'Verbose' that can give us some hint.
  Update: We tried to capture the requests through fiddler and observed that when fiddler is running on the client computer then the connection works perfectly fine even through the load balancer. Probably fiddler is reformatting the SOAP
  envelop of the web service requests the way it should before sending the request to the server.
  If we do not run fiddler and run some other similar tool (like Charles) then it again gives the issue and the request stucks at /PWA/_vti_bin/psi/winproj.asmx
  We ran Wireshark on the servers and found the following for that web service call:
  [TCP Previous segment not captured] Continuation or non-HTTP traffic.
  Please let me know if someone could provide any hint what can be done next.
  Regards, Amit Gupta

  There are several ways to configure your load balancer.   I would suggest that you work with the network engineer, the load balancer vendor and your project administrator to resolve this issue. 
  Basically you need URL to be resolved correctly.  Also, I don't believe PS2007 did a good job handling load balancing, so you may need to bring someone in good with IIS and see they can tweek IIS to manage the cache better.
  As I go back and look at your analysis, I think you should probably look at upgrading to Project Server 2013.  They made some improvement in load balancing and the management of distributive cache.
  I assume you have 4 WFE because you have thousands of project users.  Roughly how many  you have?  Over 1000, over 5000
  Have you tried to see if using two load balancing work?  How about just one front end.  I often see companies scaling SharePoint and Project server to extremes. 
  Michael Wharton, MVP, MBA, PMP, MCT, MCTS, MCSD, MCSE+I, MCDBA
  Website http://www.WhartonComputer.com
  Blog http://MyProjectExpert.com contains my field notes and SQL queries

• Cisco ACE20 Load balancing issues

  Dear All,
  I have a problem with the ACE 20 load balance
  To start with following is our architectural request flow:
  Load Balancer --> Webseal /(reverse proxy) --> HTTP Server --> Portal Server
  We have Hardware Load Balancer Cisco ACE20.
  When we access our portal from Webseal server it works totally fine without any issue, but when we access the same application using ACE we face the following issues:
  1) Some of the links on do not work. For eg: We have a link "subscribe" which points to https://intranet/abc/wps/portal/subscription , whenever we click on this link, the request is directed to https://intranet/abc/wps/portal i.e homepage
  2) URL redirection does not work We have some links which have a url forwarding or redirection for example when we open https://intranet/ef/quickplace it forwards the requests to https://intranet/ef/quickplace/Main.nsf?opendocument....., but this redirection fails and again the request is thrown to homepage i.e https://intranet/abc/wps/portal
  3) The response of the request and the overall portal when accessed via ACE is very sluggish and it takes 20 seconds for homepage to load, whereas the homepage loads in 4 secs when accessed via webseal.
  below is the ACE details. Kindly provide the your inputs to resolve this issue. will rate all the suggestions
  Hardware Product Number: ACE20-MOD-K9
    Card Index:     207
    Hardware Rev:   2.3
    Feature Bits:   0000 0002
    Slot No. :      7
    Type:           ACE
  Software
    loader:    Version 12.2[120]
    system:    Version A2(1.4) [build 3.0(0)A2(1.4) adbuild_11:54:12-2009/03/05_/a
  uto/adbu-rel2/rel_a2_1_4_throttle/REL_3_0_0_A2_1_4]
    system image file: [LCP] disk0:c6ace-t1k9-mz.A2_1_4.bin
    installed license: ACE-SEC-LIC-K9

  Dear all,
  Please suggest on this issue.
  BS

• JSF and load balancing issues

  Hello,
  We are having a difficult time getting our app to work correctly on our load balanced system. Any help / suggestions would be greatly appreciated.
  We have a very basic load balancer which is in round robin mode (this cannot be changed), two separate vms, each with an instance of apache(2.0.54) and tomcat(6.0.14). Each apache talks only to the tomcat on the same vm and the tomcats are configured to session replicate with each other (which is happening).
  When I log in to the app and start pressing a few buttons there are no problems for a little while. I then leave the screen idle for 1 minute and resume pressing buttons. The main session bean which holds information about where the user is and other key information, gets its constructor called and is set back to default and the page goes back to the main menu. Immediately before the bean is reset, the logs show the following:
  [MyApp] 17 Jun 2009 15:33:27,514 WARN: [ajp-8009-2 LoggerListener.onApplicationEvent(60)] : Authentication event AuthenticationSuccessEvent: v; details: (etc etc removed&hellip;)This is what the two logs look like:
  VM1 - Authentication event          
  VM2 - Main menu
  VM2 - Presss a button &ndash; progress a screen
  VM2 - Presss a button &ndash; progress a screen
  VM2 - Presss a button &ndash; progress a screen
  VM2 - Presss a button &ndash; progress a screen
  [wait 1 min]
  VM1 - Authentication event
  VM1 - Bean reset
  Processing continues, but screen is redirected to main menu
  We have the distributable tag in the web.xml file and javax.faces.STATE_SAVING_METHOD is set to client. Its set to client as the app will not work at all with it set to server (keeps asking for the user to re-log in).
  Thank you,
  Victoria

  Looks like a Tomcat issue to me. JSF is not going to timeout in 1 minute. You might want to check your Tomcat replication settings. Note try to do a very simple loadbalancing application that just echos the Tomcat is executing on.

• Load Balancing Issues SOMEBODY HELP ME!!

  Good Morning.
  A few days ago we implemented Load Balancing in our company, I printed a step by step procedure from MS and just follow it thinking that once I did that everything was going to be ok, but I am some issues that I managed to fix, but now I am stock in one
  that I just can't figure it out, here I go.
  When regular users try to connect to the Farm using the external IP they can't connect, we checked firewall seems to be ok, we check the configuration we did and we didn't miss any step, NOW here is the crazy part, when we use our Admin ID we can connect,
  so I thought maybe is an Active Directory thing, but I don't know where to look or what to do so my questions are,
  Can this be a licensing issue?
  Do I have to have my TSBroker as part of my group of PC in the firewall?
  Can it be a certificate issue? (not too sure because I can connect as an admin)
  Can it be permissions to log in to the servers?
  My co-worked is telling me now that if TS Broker sent them to TS1 they can connect but if TSBroker send them to the other two members of the farms they can't connect, TS1 is the original TS before this whole Load Balancing thing.
  we tried so many solutions that we can find online and come up with and nothing seems to be working, so what do I do? What did I do wrong when I configure the Load balancing? is there any step beside what MS told me that I am missing...
  PLEASE HELP!!
  Thank you..

  Hi Rodrigo,
  Thank you for posting in Windows Server Forum.
  What’s your server OS in your environment?
  Firstly see that, if you have not set up RD Licensing server and don’t have RDS CAL then your administrator can only get access for RDP connection (only 2 connection for Admin purpose). Now if you want more than 2 connection you need to setup RD Licensing server,
  activate it, purchase RDS CAL and install it. After installing, you need to see that your user have enough permission to access RDS server and your user must be added under “Remote Desktop User” local group under RDS Server. 
  As you have commented that your admin can able to connect so I think you must have the issue with user permission, please go through above points and check the result.
  Please check below article for more details.
  1. TS Session Broker Load Balancing Step-by-Step Guide (Server 2008)
  2. Checklist: Create a Load-Balanced RD Session Host Server Farm by Using RD Connection Broker (Server 2008 R2)
  Hope it helps!
  Thanks.
  Dharmesh Solanki