CSS 11503 Load Balancing Verification
Alright, so I have toiled long and hard to get this right. I think I have the config down but I am unsure on how to verify how this load balancing is working.
Here is the Content Config that I am speaking of:
content cad-rule
add service wls1-e0
add service wls1-e1
add service wls2-e0
add service wls2-e1
add service wls3-e0
add service wls3-e1
add service wls4-e0
add service wls4-e1
add service wls5-e0
add service wls5-e1
add service wls6-e0
add service wls6-e1
arrowpoint-cookie expiration 00:00:15:00
advanced-balance arrowpoint-cookie
redundant-index 2
vip address 172.30.194.195 range 2
arrowpoint-cookie name TOQ
protocol tcp
port 8001
url "/*"
active
Each service in the rule above is configured as follows:
service wls1-e1
port 8001
protocol tcp
strin ags001-e1
ip address 172.30.193.81
keepalive type http
keepalive uri "/cad/index.html"
redundant-index 12
keepalive frequency 20
keepalive maxfailure 10
keepalive retryperiod 2
active
I am using the advanced arrowpoint cookies because I need some stickiness here. Straight round-robin would not have done what I needed it to do.
Now, when I go to my show summary, this is what I see for this rule:
cad-rule Master wls1-e0 84274
wls1-e1 13144
wls2-e0 96884
wls2-e1 26374
wls3-e0 71145
wls3-e1 16592
wls4-e0 76403
wls4-e1 8657
wls5-e0 118623
wls5-e1 22760
wls6-e0 30836
wls6-e1 20464
The far right column indicates the services hits. I originally had the E1's suspended and activated them later on. So if this was true round robin, all the E0's should have the same number of service hits and all the E1's should have the same number of service hits. But as you can see, the wls5 server is getting hit the most while the wls6 server is sitting there twiddling its thumbs.
Now understanding how the arrowpoint cookies do their load balancing (inserting a cooking into the flow and then timing out after 15 mins as configured above) I would not expect a 1:1 ratio of load balancing between servers. But the distribution above seems rather extreme.
Does anyone have any suggestions on how to both A) verify that this is the right config and B) suggest to my boss that this is working the way it should be working?
Thanks!
James
Hi James,
There are several reasons of the uneven load balancing that you are seeing (based on the show summary). First
of all, the CSS is configured to do stickiness (advance-balance).
With arrowpoint-cookies (for HTTP only) method for stickiness, only the requests coming with the same cookie
are going to get stuck to the same server, since the cookie is
lost when the browser is closed (or based on the expiration), then the stickiness is going to be session
based and if the same client open a new session is going to be load balanced.
Is important to understand that when using stickiness, no real even load balancing is
going to happen since we are sticking new flows to the same server; even when layer 5 stickiness would
permit more even balancing than layer 3 stickiness (source IP based).
Also consider that the "show summary" is a command to see the hits (requests) being balanced to an specific
server, this is a good command to see the load balancing, anyway since the CSS balance
connections (flows), a persistent connection could have a lot of requests, so all those requests are
always going to the same server (incrementing the amount of hits in the counter) while a non-persistent
connection would be just one request (refer to HTTP persistence).
Also keep in mind that if a service is take out for maintenance, or is added to the load balancing later
than another, or if goes down for a period of time, then the CSS will be balancing among the remaining alive
servers. When you add the server again, the another servers are going to have connections
already established, so since the CSS is doing round robin, the server last added will
never have the same amount of connections (nor hits) that the other ones, because while one could
have 55 for example, the new one will have it first connection, and when the first one
gets the 56, the another will get the second, and so on.
Please let me know if this makes any sense.
Diego M
Similar Messages
-
CSS 11503 load-balancing with MS Print Servers
We are trying to load-balance print server connections between 2 MS print servers. When we try to connect to the print servers name, (\\PS01) or even the VIP address, we get a Path not found error. However, if we direct the path to the actual name or ip address of the print servers (not the VIP), we can view all the queues and connect/print to them. Is this possible to do on the CSS 11503? Thanks.
Pete- Here is our config. See any problems?
configure
!*************************** GLOBAL ***************************
ip route 0.0.0.0 0.0.0.0 1.100.100.100 1
!************************* INTERFACE *************************
interface 1/2
bridge vlan 2
!************************** CIRCUIT **************************
circuit VLAN1
ip address 1.100.101.110 255.0.0.0
circuit VLAN2
ip address 10.100.249.1 255.255.255.0
!************************** SERVICE **************************
service ps01
ip address 10.100.249.5
active
service ps02
ip address 10.100.249.6
active
!*************************** OWNER ***************************
owner printserver
content L3_Basic
add service ps01
add service ps02
vip address 1.100.100.35 -
Using a single CSS to load balance multiple services
Is it possible to use a single CSS to load balance 3 different services (server farm) ? That mean the CSS need to advertise 3 VIP
I'm thinking of two scenarios:
1 - configure the CSS to use 4 interfaces: 1 to public, 3 to private (each interface will plug-in to a different vlan/server farm)
2 - configure the CSS to use 2 interfaces: 1 to public, 1 to private (all 3 server farms are in the same vlan)
Will both scenarios work ?
Thanks
--Phillip.Hi Phillip,
both scenarios will work. One CSS can certainly manage more than 3 services! You can even use just one VIP for all traffic, then just create the proper rules to send specific traffic to the corresponding service(s). No need for 3 VIPs.
Regards
-juerg -
Hello,
We have a CSS 11503 with the following partial config
==================
service 10.10.10.221-1724
ip address 10.10.10.1
keepalive type tcp
port 1724
keepalive port 1724
active
service 10.10.10.222-1724
ip address 10.10.10.1
keepalive type tcp
keepalive port 1724
port 1724
string string1
active
content 10.10.10.1-80-website
vip address 10.10.10.1
no persistent
advanced-balance arrowpoint-cookie
add service 10.10.10.221-1724
add service 10.10.10.222-1724
port 80
protocol tcp
url "/*"
active
============================
There is connectivity from CSS to both IP's, 10.10.10.221 and 10.10.10.222. Problem we face is as following:
A client can hit web site on both servers by going to http://10.10.10.221:1724 and http://10.10.10.222:1724.
With service started on 10.10.10.221 and 10.10.10.222, a client PC can hit website by using http://10.10.10.1.
With step 2 above, connection count increasing on "service 10.10.10.221-1724" service.
There is no activty on "service 10.10.10.222-1724"
When we stop services on 10.10.10.221, client can no longer access web site using http://10.10.10.1. In this situation, connection counter on "service 10.10.10.222-1724" increases with each attempt to access web site but the page on client machine times out.
With service stopped on 10.10.10.221, client can access web site using server IP, http://10.10.10.222:1724
Restarting service on 10.10.10.221 makes access to website usig http://10.10.10.1, load balancer IP.
When capturing packets using wireshark, we see that the client machine sends re-transmission on "HTTP Get" and evantually times out.
With behavior above, it is clear that the server at 10.10.10.222 is active. What we cannot understand is why web site is inaccessible thru load balancer using http://10.10.10.1.
Please help.
Thanks,
Paresh.Hi Paresh,
To troubleshoot this, I would recommend doing a traffic capture on the server vlan to see what is really happening with the connection.
One thing worth checking would be comparing the routing configured on both servers. If the traffic back from the server towards the client is not going through the CSS, the connection would fail, with the exact symptoms you are describing.
Regards
Daniel -
CSS Scalable Load Balancing Method
Greetings All,
Looking to the brain trust here for some options on a requested load balancing schema.
I have a CSS11506 for which I need to configure some 'scalable' load balancing.
We have 2 servers configured for load balancing... we'll call the services S1 and S2.
The requirement is to have S1 to service all traffic until its related server CPU reaches 80%. Once this occurs, then traffic should start being sent to S2 for load balancing.
How can I accomplish this?
Thanks!
-AdamGilles,
Thanks for the reply.
I'm not real savvy with creating scripted keep-alives from scratch.
Can you direct me to some links where I can learn more about creating such a script on the CSS?
Thanks again!
-Adam -
CSS 11501 Load Balancing with X-forwarded-for
Hi,
We have a pair of CSS 11501,
Currently it is using source ip for load balancing and 5 servers as backend , however we have users loggin in using http and based on its source IP (ISP PROXY) , it is forwarded to SERVER A.
However, we have a SSL page and when the client switches over to SSL , it is forwarded to SERVER B/C/D/E based on its source IP ( REAL CLIENT IP) .
This will cause the user to be terminated as the 5 servers are independent and not running in a cluster.
Is there any way that we can use the X-Forwarded-For address to load balance so that when users loging , they are sent to SERVER A (Based on X-Forwarded-For Header IP which translate to REAL CLIENT IP).
This way we are able to also send it back to the same server when it uses SSL.
I believe that we should be able to load balance using X-Forwarded-For IP or to rewrite the X-Forwarded-For IP into client source IP
RegardsHi,
Unfortunately CSS does not support X-Forwarded-For, and even if CSS supports that, this wont work if you are not using SSL termination.
One option that you can use here, is using SSL termination, so you can manage the SSL traffic on HTTP on the CSS, in this way you can use the same HTTP content rule which is the one currently working.
In summary, you will have an SSL content rule that will decrypt the traffic, and this one will use the same content rule that already exist for HTTP, in case that the server is the one doing the redirect to SSL, but this is something that requires testing since depending on the redirect behavior we might have a redirect loop, but without details it is kind of hard to confirm that you will face this with this option.
Another option, which is less complex, is to use a portless content rule, so this content rule will match port 443 and 80 at the same time, and using sticky or balance based on source IP, you will get the same result with less config. The downside is the troubleshooting, but in this way you will have what you want.
content HTTP-HTTPS
vip address 10.198.44.70
advanced-balance sticky-srcip
add service server1
add service server2
add service server3
add service server4
add service server5
protocol tcp
active
Here the content rule is not looking for the destination port, it is just looking for the source IP, and HTTP and HTTPS will end all the time on the same server.
Thanks,
Rodrigo -
CSS 11501 Load Balancing Issue
Hi,
We are facing some issue in load balancing in cisco CSS 11501 as we are not able to access the application through virtual IP. Below is the ruuning configuration of the CSS:
CSS11501# sh running-config
!Generated on 10/06/2010 16:51:34
!Active version: sg0810106
configure
!*************************** GLOBAL ***************************
ip route 0.0.0.0 0.0.0.0 132.186.199.1 1
!************************** CIRCUIT **************************
circuit VLAN1
ip address 132.186.199.145 255.255.255.0
!************************** SERVICE **************************
service Server1
ip address 132.186.199.243
port 5001
protocol tcp
keepalive port 5001
active
service Server2
ip address 132.186.199.246
protocol tcp
port 5001
keepalive port 5001
active
!*************************** OWNER ***************************
owner L5_Owner
content L3_Rule
vip address 132.186.199.146
protocol tcp
port 5001
add service Server1
add service Server2
active
content L5_Rule
vip address 132.186.199.146
add service Server1
add service Server2
protocol tcp
port 5001
url "//132.186.199.146:5001/emi"
active
CSS11501#
Observation : We are able to telnet on VIP: 132.186.199.146 on port 5001, but not able to access the application.
In Actual scenarion customer access application by accessing URL: http://132.186.199.243:5001/emi and once he enter this URL in web browser the request redirects ( by server itself) to URL: https://132.186.199.44:6002/cas/login?service=http%3A%2F%2F132.186.199.243%3A5001%2Femi%2Findex.jsp&acceptStrength=BASIC on backend server for user authenticaton and once user is authenticated then it again redirect to main URL ( http://132.186.199.243:5001/emi ) to access the application but when we are trying to access the application through VIP ( URL: http://132.186.199.146:5001/emi) we are not getting the login page as the request is not gettting redirected to backend server for user authentication.
Please suggest a solution here.The problem is that you are in one-armed mode.
So you need to configure client nat.
Without nating the client ip address, the server response goes back directly to the client and bypasses the CSS.
Therefore the client receives a response from an unknown server ip address (not the vip).
So configure a group.
For example
group Client
vip address 132.186.199.146
add destination service Server1
add destination service Server2
active
Also, remove the url command from your content rule.
It is useless in your case and will just make performance worst.
Gilles. -
CSS 11050 Load Balancing with Single VLAN (no NAT)
We have several CSS 11050's in use on our network, cheifly for load-balancing web servers. In a test network I've set up, I've configured our test servers' IP addresses and our load-balanced IP address to be on the same subnet. This way our developers can easily check both single servers as well as the LB configuration. This got me thinking...
All the config documentation I've seen on the CSS seems to assume that you are putting the VIP for the content rule on a different VLAN than the IPs for the services. Is there any particular need for this? I'm in the process of setting up another network that will have its services NATed behind a PIX. There are some services (WWW) that I want load balanced and some services (passive FTP with one server) where there's really no need. Would I do any harm by putting the content rules' VIPs on the same subnet as the servers themselves? I can still plug the servers into the other ports on the CSS so that I'm not really doing a "one-arm" configuration.
-Mark RomerYou shouldn't have any problem doing this. In addition to load balancing web servers we've also balanced terminal servers that are configured to be accessed by remote users through VPN connections. Because we have over 90 remote locations, I didn't want the services and the VIP addresses to be on different VLAN's because I'd have to reconfigure the routers in all the remote locations. I was in the same position you're in, all the documentation indicated different VLAN's but I thought it would be a worth a try. Everything works perfectly...
Cody Rowland -
CSS load balance - Lock Outlook 2007 - RPC over http
I have problema whit load balance for configuration of client Outlook 2007. (using protocol RPC over http). Through the CSS, after a period of utilization, the Outlook lock. And without the CSS doind load balance, no ocurred the problem.
I appreciate any help.
Thanks!Jason,
CSS is not created in a source group of "exchange2007rcvir. Is that the problem is that?
**** OWNER ****
content exchange2007rcvir
vip address 10.58.32.123
add service scmt801cto
add service scmt801cas
redundant-index 205
protocol tcp
advanced-balance sticky-srcip
sticky-inact-timeout 30
active
content exchangehtvir
vip address 10.58.32.89
add service scmt700cto
add service scmt700cas
redundant-index 201
protocol tcp
advanced-balance sticky-srcip
sticky-inact-timeout 30
active
content exchangewavir
vip address 10.58.32.33
add service scmt800cto
add service scmt800cas
redundant-index 51
protocol tcp
advanced-balance sticky-srcip
sticky-inact-timeout 30
active
***** GROUP *****
group exchangehtvir
add destination service scmt700cto
add destination service scmt700cas
vip address 10.58.32.91
active
group grp_axiavir
vip address 10.58.32.83
add destination service scxt393cas
add destination service scxt394cas
add destination service scxt395cas
add destination service scxt393cto
add destination service scxt394cto
add destination service scxt395cto
active
** No have exchange2007rcvir -
Load Balance TMG with Cisco CSS
I am working with a Customer that is using Cisco CSS to load balance Microsoft TMG 2010.
From the Microsoft TMG, I can see the https probes hitting the TMG Servers. The TMG 2010 recongnizes that the Cisco is trying to establish a 3-way handshake and is dropping every 3rd connection with the following error: "non-SYN packet was dropped because it was sent by a source that does not hane an established connection with the Forefron TMG computer." Since the Microsoft Forefront TMG 2010 Server is Stateful packet inspection firewall, what is the best load balance method for this service? TCP or even worst ICMP.
Below is a snipet of the configuration:
Thank You
Avery
CSS-A# show service Server1-ssl
Name: Server1-ssl Index: 70
Type: Local State: Alive
Rule ( x.x.x.x TCP 443 )
Session Redundancy: Enabled
Redundancy Global Index: 206
Redirect Domain:
Redirect String:
Keepalive: (SSL-443 5 3 5 )
Keepalive Encryption: Disabled
Last Clearing of Stats Counters: 03/05/2012 16:33:14
Mtu: 1500 State Transitions: 4
Total Local Connections: 0 Total Backup Connections: 0
Current Local Connections: 0 Current Backup Connections: 0
Total Connections: 0 Max Connections: 65534
Total Reused Conns: 0 Weight Reporting: None
Weight: 1 Load: 2
CSS-A#
CSS-A# show service Server2-ssl
Name: Server2-ssl Index: 71
Type: Local State: Alive
Rule ( x.x.x.x TCP 443 )
Session Redundancy: Enabled
Redundancy Global Index: 207
Redirect Domain:
Redirect String:
Keepalive: (SSL-443 5 3 5 )
Keepalive Encryption: Disabled
Last Clearing of Stats Counters: 03/05/2012 16:53:49
Mtu: 1500 State Transitions: 6
Total Local Connections: 0 Total Backup Connections: 0
Current Local Connections: 0 Current Backup Connections: 0
Total Connections: 0 Max Connections: 65534
Total Reused Conns: 0 Weight Reporting: None
Weight: 1 Load: 2Hi,
It would good to have a capture from the server itself, the TCP keepalive is really simple, as you explained, it is just a 3-way-handshake on port 443.
The CSS is going to use it's vlan IP to generate this keepalive.
So if the server is dropping the connection, it would be good to se the actual behavior of the keepalive.
ICMP is just a ping, and lets say port 443 is not longer open on the server, at the point that the CSS gets the ICMP reply back from the server, the service is going to remain as alive, but the traffic is not going to work, so ICMP is not a good option.
Thanks! -
CSS11503 load balancing virtual server IP's
Hi CSS experts,
We have a Cisco Content Services Switch 11503 Load Balancer which seems to require Real Server NICs to be plugged in. When I plug a cable from our Cisco 3560 switch into the Cisco Load Balancer, it can't see the 2 web server IP's that I'm trying to load balance for HTTP/HTTPS. The virtual IP does not display the webpage of either web servers.
On the otherhand, when I use two physically separate 1U web servers and physically plug 2 cables (1 for each server) into the CSS 8 port switch, the virtual IP is able to redirect the traffic to both web servers.
How do I configure the CSS to load balance and actually see 2 IP's on the network which isn't plugged in physically per server into the CSS 8 port switch.
Internet->CSS->1 cable plugged into Cisco switch which host 2 web servers.
Thanks,
Mike
Configuration:
circuit VLAN1
ip address 192.168.1.10 255.255.255.0
service Websrv1
ip address 192.168.1.104
protocol tcp
port 80
keepalive type http non-persistent
active
service Websrv1SSL
ip address 192.168.1.104
protocol tcp
port 443
keepalive type ssl
active
service Websrv2
ip address 192.168.1.101
protocol tcp
port 80
keepalive type http non-persistent
active
service Websrv2SSL
ip address 192.168.1.101
protocol tcp
port 443
keepalive type ssl
active
owner Web
content NG
add service Websrv1
add service Websrv2
vip address 192.168.1.7
port 80
protocol tcp
advanced-balance arrowpoint-cookie
url "/*"
active
content NGSSL
add service Websrv1SSL
add service Websrv2SSL
vip address 192.168.1.7
port 443
protocol tcp
advanced-balance sticky-srcip
sticky-inact-timeout 60
activeI checked the connectivity to the servers form the CSS and it was good. I was able to ping, and the connection status in sh service summary incremented by 1 each time I tried to connect. From the server, I was able to ping back to the IP of the CSS and the VIP address as well. I have tried using only 1 server for 1 VIP. I have tried changing the default gateway on the server to the IP of the CSS and the VIP IP as well. It still doesn't seem to help. Anymore suggestions for me to try?
Thanks
Mike -
Load-balancing of transparent cache + IP spoofing + RTSP + MMS not working
We have already in production an architecture with load-balancing of
transparent cache + ip spoofing.
We are unable to do the same for streaming flows (MMS and RTSP).
We are doing PBR from our core network (2 * C6K) to redirect port 80, 554 and
1755 toward CSS boxes, same in our access router (2* Ciso7200).
In this config desired flows are redirected toward the CSS.
Then CSS should load balance the traffic toward our BlueCoat proxy-cache farm.
It's working fine for HTTP but we are unable to make it works for MMS and
RTSP.
Note that we are requiered to use ECMP to perform IP Spoofing on the CSS, meaning we need 4 routes for each client subnet (one route toward upstream C6K, and 3 routes for each proxy cache). We use acl to get rid off looping condition.
Anyone who has already put in place Load-balancing of Streaming transparent cache + IP spoofing could give us some hint.
Many thanks.
Regards,
Pierre ViennetGilles, thanks for your input.
Here where we are at with streaming implementation:
- HTTP on all type off client is working
- RTSP: TCP 554 with Real Media client is working
- RTSP: TCP 554 with WMP not working, but it's due to a bug in Bluecoat implementation, the proxy send an error when he see a request with ( User-Agent: WMPlayer ) for RTSP content.
- MMS: TCP 1755 not working with IP spoofing enable on the proxy but OK without IP spoofing...
- UDP 554: not working
- UDP 1755: not working
I fully understand the limitation for UDP traffic.
But I don't see why it's not working for MMS over TCP traffic.
Note that I have the exact same configuration for RTSP and MMS.
Why is it not working for MMS with IP spoofing? Are you aware of a difference on the way CSS handle MMS flows? or a specificity of the MMS protocol?
Below what we can see on the different equipement when trying to launch a MMS over TCP Stream:
c6k-Faaa#sh mls ip source 195.83.182.72
Displaying Netflow entries in Supervisor Earl
DstIP SrcIP Prot:SrcPort:DstPort Src i/f:AdjPtr
Pkts Bytes Age LastSeen Attributes
202.3.225.5 195.83.182.72 tcp :1755 :1504 0 : 0
3 124 17 18:58:12 L3 - Dynamic
202.3.225.5 195.83.182.72 tcp :1755 :1527 0 : 0
2 84 3 18:58:20 L3 - Dynamic
202.3.225.5 195.83.182.72 tcp :554 :1503 0 : 0
4 360 17 18:58:06 L3 - Dynamic
c6k-Faaa#
CSS11503_CORE1# sho flows 202.3.225.5 | grep 1755
202.3.225.5 38531 195.83.182.72 1755 0.0.0.0 TCP
2/3 2/1
202.3.225.5 1527 195.83.182.72 1755 195.83.182.72 TCP
2/7 2/3
CSS11503_CORE1# sho flows 202.3.225.5 | grep 1755
202.3.225.5 38531 195.83.182.72 1755 0.0.0.0 TCP
2/3 2/1
202.3.225.5 1527 195.83.182.72 1755 195.83.182.72 TCP
2/7 2/3
CSS11503_CORE1# sho flows 202.3.225.5 | grep 1755
202.3.225.5 38531 195.83.182.72 1755 0.0.0.0 TCP
2/3 2/1
202.3.225.5 1527 195.83.182.72 1755 195.83.182.72 TCP
2/7 2/3
CSS11503_CORE1#
TCP 192.168.4.19:1491 195.83.182.72:554 TIME_WAIT
TCP 192.168.4.19:1492 195.83.182.72:554 TIME_WAIT
TCP 192.168.4.19:1493 195.83.182.72:1755 TIME_WAIT
TCP 192.168.4.19:1502 195.83.182.72:554 TIME_WAIT
TCP 192.168.4.19:1503 195.83.182.72:554 TIME_WAIT
TCP 192.168.4.19:1504 195.83.182.72:1755 TIME_WAIT
TCP 192.168.4.19:1525 195.83.182.72:554 TIME_WAIT
TCP 192.168.4.19:1526 195.83.182.72:554 TIME_WAIT
TCP 192.168.4.19:1527 195.83.182.72:1755 TIME_WAIT
Many Thanks for your input.
Pierre Viennet. -
how to configure the CSS to load balance 2 DNS server ?
first configure the services like this :
service dns1
ip address x.x.x.x
active
service dns2
ip address x.x.x.x
active
Then configure the content rule
owner mycompany
content dns
vip address x.x.x.x
add service dns1
add service dns2
active
Then we need to setup something for the dns answer
group dns
vip address x.x.x.x !!!!! same as for the content rule
add service dns1
add service dns2
portmap disable
The portmap disable requires software 5.03(33) or above.
The command is also in 5.01
http://www.cisco.com/en/US/products/hw/contnetw/ps789/prod_release_note09186a00800ba0c6.html -
Can CSS 11000 load balance multiple server farms, using different load balancing algorithms on the same ip subnet and having multiple VIPs in the one-armed configuration.
I know this is not an ideal configuration but have to do it for a relocation project.
Thank yoiyes you can.
No need for a trunk.
But you have to keep in mind that the CSS must see both sides of a connection.
So, obviously the traffic from the client will hit the CSS vip, but for the server response, you have to make sure it goes back to the CSS.
This can be done with source nating or policy routing.
Gilles. -
Error using load balancer in ebusiness suite R12
Hi
Has any one used Cisco 11503 load balancer in their ebusiness implementation
we have upgraded a customer instance from 11i10cu2 to 12.0.6. we have configured the R12 instance for load balancer as per metalink note 380489.1
when we access the ebusiness suite, we hit the issue as mentioned below:
You cannot complete this task because one of the following events caused a loss of page data. Possible Causes:
You have left your login session idle past the timeout period. A system failure has occurred. The application server is incorrectly configured and does not send a session cookie to the client browser. If you were testing in JDeveloper: JDeveloper OC4J process did not fully shut down before restarting the application. You closed one of the Internet Explorer browser windows while the request is being processed in another Internet Explorer window. Closing an Internet Explorer window causes OC4J to expire a user session. OC4J XML files in your JDeveloper user home system directory have been modified or corrupted.
as per many metalink notes, this may occur due to load balancer ..example note : 755825.1
we have then removed load balancer setting from the applications context file (xml file) and issue doesnt occur.
so issue seems to be with load balancer setting, however we couldnt find any doc which mentions setting for Cisco 11503 load balancer
we saw notes for Bigip and cisco ACE load balancer in metalink 601694.1
Customer is also unable to help here .. as to what setting needs to be changed
Can someone kindly adviseHave you opened a case with Cisco to see if they can help ? Has persistence been enabled on the load balancer ? Is there some kind of timeout enabled on the balancer ? I do not know much about load balancers, but the settings should be somewhat similar across all of them. See if these docs help
601694.1 - How To Check Session Persistence On BigIP F5 And Cisco Ace Load Balancer Appliances
390173.1 - How to prevent Self-Service session expiry when Using Radware's APSolute Insite Software Loadbalancing Software
HTH
Srini
Maybe you are looking for
-
I get error message " The file "Print.ai"is in an unknown format and cannot be opened"
I receive that message when I try to open a new document. My others such as Photoshop and In Design are fine as far as I can tell. I'm using CS4 on Windows 7. Thanks in advance.
-
Does anyone have some helfpful hints in regards to installing the Enterprise Scheduler CommandLine.msi for Windows.for Tes 6.1.0 I believe it is to be installed on the Master, backup Master -- does it also need to be installed on the Fault Monitor? T
-
Airport icon grey after installing software update Security Update 2007-004
Yesterday I installed Security Update 2007-004 (10.3.9 Client)(April 19, 2007) and since then when I wake-up my iBook (which was functioning fine prior to closing it and puting it to sleep) the airport icon is greyed out. The only way to get the airp
-
Where can I find a linear interpolation VI for Labview?
y=interpolation(X,Y,x), where x and y are either a scalar or vector. X and Y are 1D vector.
-
I think some sort of Malware or Virus appropriated of a root file of my Firefox.
I need help. Every time I reset Firefox and then try to load any website, it gives an 'Untrusted Connection'. This message appears EVEN when I try to open things from the own browser, as the Add-on tab, for example, and it only goes away when I resta