CSS load balancing and Remote desktop
hi all!
here is config:
!*************************** GLOBAL ***************************
cdp run
ip redundancy
ip route 0.0.0.0 0.0.0.0 10.12.248.1 1
!************************* INTERFACE *************************
interface 2/1
bridge vlan 2
interface 2/2
bridge vlan 3
!************************** CIRCUIT
circuit VLAN1
redundancy
ip address 10.12.248.101 255.255.248.0
circuit VLAN2
ip address 192.168.1.1 255.255.255.252
redundancy-protocol
circuit VLAN3
redundancy
ip address 192.168.7.25 255.255.255.0
!************************** SERVICE **************************
service Node1
ip address 192.168.7.23
active
service Node2
ip address 192.168.7.24
active
!*************************** OWNER ***************************
owner RenCap
content Cluster_Nodes
add service Node1
add service Node2
vip address 10.12.248.100
active
content Mngmnt_Node1
add service Node1
vip address 10.12.248.102
active
content Mngmnt_Node2
add service Node2
vip address 10.12.248.103
active
CSS_Primary#
Remote desktop of Node1 and Node2 is accesible, but only by local login and password.
How i can use tacacs for authentication on Node?
in other words, how can be LAN servers available from Node1 and Node2?
The document http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configuration_example09186a0080094848.shtml gives a complete configuration exmaple on Configuring TACACS Authentication with VPN Client.
Similar Messages
-
We are load balancing a web site consisting of two servers using advanced-balance sticky-srcip. We have several customers that use AOL to access this site. They complain that their sessions are timing out. It appears that the souce IP address for the AOL users changes, thus causing the error. Is there anything we can do to prevent this from happening to AOL users?
Hi,
we are also hosting one of the biggest Internet Sites in Germany. We know this problem overall with megaproxys.
If you cannot insert cookies, try to change the sticky mask to 255.255.255.0.
With this setting, we have only a very small number of problems. Around 0,02 % overall.
Best Regards -
Problem with WLIOTimeoutSecs in weblogic and apche CSS load balancer
Hi,
We are using Weblogic 11g, apache 2.2 and CSS load balancer for load balancing.
we have huge reports which take minutes to generate and hence we need higher value for WLIOTimeoutSecs. This works fine when we use server url but WLIOTimeoutSecs is not working when we use CSS load balancer.
We checked with our load balancing team they said CSS load balancer will not repost the request.
Here is the plugin configuration
<Location /*****>
SetHandler weblogic-handler
PathTrim /
WebLogicHost 'serevrip'
WebLogicPort 'port'
WLIOTimeoutSecs 3600
Idempotent OFF
WLProxySSL ON
DefaultFileName /***/***/index.jsp
Debug On
WLLogFile /***/***/***/***.log
</Location>
Could some please help me on this.
Thanks in advance
Regards,
VenkatHi Tarun,
The problem occurs when the SSL is enabled on apache. If I access the same URL over HTTP, the parameter WLIOTimeOut works fine.
Also I observed that, none of the parameters are getting applied to the plugin. I had switched on 'DebugConfigInfo'. With this the HTTP URL with ?__WebLogicBridgeConfig as query parameter returned the complete configuration. However when accessed with HTTPS the server did not return the configuration.
Is there a specific configuration to be applied when apache is used with SSL?
Thanks for your help,
Shashi -
VPN load balancing and ASA !!!
Hi netpros,
I have a couple of questions about this and hope you might be able to assist me.
1.- Are VPN load balancing and failover (Active/Active) mutually exclusive ..? I mean they can't be used at the same time correct ..?
2.- How does the ASA handle the return traffic from the Internal LAN towards the remote client .. Because the cluster only requires ONE public virtual IP address, which will work for incoming packets .. but what about the return traffic which has knowledge of the DHCP scope's default gateway IP address only .. ? How gets the returned packet redirected from the default gateway IP address to the respective ASA internal IP address .?
3.- VPN load balancing only applies to remote clients using easy VPN technology (easy vpn client, hardware client , pIX using easy vpn client etc ) and does not work with static LAN-LAN tunnel .. correct ..?
Your comments are much appreciatedHi Gilbert ..
1.- Thanks I wanted to make sure.
2.- I know that .. my question is in regards the return packets .. for example if I have the below IP schema:
ASA1: Public 20.20.20.20
Private 192.168.1.1
ASA2: Public 20.20.20.21
Private 192.168.1.2
Cluster virutal IP: 20.20.20.10
Default gateway for segment 192.168.1.0 is 192.168.1.1
Let's say that a vpn client tries to connect and the cluster instructs the client to connect to ASA2 20.20.20.21. The packets reach the internal server at 192.168.1.100. The internal server then sends the return packets back to the client by forwarding them to its default gateway which is 192.168.1.1 (ASA1). Here is my question .. how does the cluster handles this because the return packet are supposed to be directed to ASA2 192.168.1.2
3.- Any idea about this one ..?
Cheers, -
CSS Load balancing for Exchange Server
Hi,
I have CSS configured in single arm and I have multiple servers configured for load balancing and it is working fine but when I am configuring Exchange server for load balancing I am facing problem and applications and printer/scanners are not able to send the email through the Virtual IP address configured for exchaneg server.
But if we configured the real server IP in the printer/scanners they are able to send the email. While checking the logs on the exchange server, it is showing that request for the email so coming from the Exchange VIP configured in the CSS.
I can telnet on port 25 on the VIP address (192.168.200.237). But unable to send the email through this VIP.
Below is the configuration
service ENOC_EXCHANGE-1
ip address 192.168.200.235
active
service ENOC_EXCHANGE-2
ip address 192.168.200.236
active
content EXCHANGE
add service ENOC_EXCHANGE-2
add service ENOC_EXCHANGE-1
vip address 192.168.200.237
active
group EXCHANGE
add destination service ENOC_EXCHANGE-1
add destination service ENOC_EXCHANGE-2
vip address 192.168.200.237
active
DC-CSS01# show rule GIT EXCHANGE
Name: EXCHANGE Owner: ENOC_GIT
State: Active Type: HTTP
Balance: Round Robin Failover: N/A
Persistence: Enabled Param-Bypass: Disabled
Session Redundancy: Disabled
IP Redundancy: Not Redundant
L3: 192.168.200.237
L4: Any/Any
Url:
Redirect: ""
TCP RST client if service unreachable: Disabled
Rule Services & Weights:
1: EXCHANGE-1-Alive, S-1
2: EXCHANGE-2-Down, S-1
=============================================================================
Please let me know how to solve this problem. System team is saying with the physical IP address it is working fine problem with Load balancing. I have even tried with the
Add service command in the group but didnt work for me. If i will remove the group command then I cant telnet on port 25.
I think this is related to single arm modle or some wrong configuration for the NAT.
Kindly assist meHi
Printers are on Vlan 80 ( gw is 192.168.80.1) and exange server is on vlan 200 (gw is 192.168.200.1) i have multiple vlan which will communcate with exchange.
I hv other servers on 200 subnet which are working fine in load balancing.
My CSS is single arm setup.
Please assist
Sent from Cisco Technical Support iPhone App -
Hello,
We are wondering how load-balancing and failover of tpcall() work with
WTC:
The scenario:
We have one WLS Domain and two Tuxedo Domains. The Tuxedo Domains offer
the same set of services.
In the bdmconfig.xml, we specify connection_policy as 'ON_STARTUP' for
both Remote Tuxedo Domains. We also Import (T_DM_IMPORT) the same
Tuxedo Service from both Tuxedo Domains.
Questions:
1. Is there any load-balancing of the tpcall between the two Domains? If
so, is it round-robin? If round-robin, what determines the order?
2. If it is ONLY Failover, what determines the order of the tpcall? And,
is the Failover automatic? Or do we need to code for retry on failure?
3. ON_DEMAND vs ON_STARTUP: Does ON_DEMAND drop the connection to the
remote domain upon tpterm? And does ON_STARTUP use a pool of
TuxedoConnection objects?
4. Are there any configuration parameters for
'max_number-of_connections? What determines how many simultaneous
connections can be made?
Thanks,
Suresh Mohan.Hi Suresh,
The following are my answers to your questions.
Suresh Mohan wrote:
Hello,
We are wondering how load-balancing and failover of tpcall() work with
WTC:
The scenario:
We have one WLS Domain and two Tuxedo Domains. The Tuxedo Domains offer
the same set of services.
In the bdmconfig.xml, we specify connection_policy as 'ON_STARTUP' for
both Remote Tuxedo Domains. We also Import (T_DM_IMPORT) the same
Tuxedo Service from both Tuxedo Domains.
Questions:
1. Is there any load-balancing of the tpcall between the two Domains? If
so, is it round-robin? If round-robin, what determines the order?Yes there is a load balancing between two remote Tuxedo TDomain Gateways.
The algorithm is random, not RR. Over time this should give equal
opportunities to both remote TDomain.
>
2. If it is ONLY Failover, what determines the order of the tpcall? And,
is the Failover automatic? Or do we need to code for retry on failure?The load balancing is always there. The failover is automatic. When a
connection to a remote TDomain encountered a problem (ie network) the remote
domain will be put on retry open connection (in ON_STARTUP) and the load
balancing will not select it until the connection re-established.
However, the tpcall() that encountered the error will not be retried to send
to different destination. It is up to the application to decide whether it
want to resend. Any requests called after the error will not select the
failed Remote TDomain.
>
3. ON_DEMAND vs ON_STARTUP: Does ON_DEMAND drop the connection to the
remote domain upon tpterm? And does ON_STARTUP use a pool of
TuxedoConnection objects?TPTERM() only terminate your application session to WTC. WTC still maintain
a secured T-session to remote Tuxedo TDomain. WTC does not use a pool of
TuxedoConnection Objects, the object stored in the JNDI refers to WTC.
>
4. Are there any configuration parameters for
'max_number-of_connections? What determines how many simultaneous
connections can be made?No. As described in #3, there is no need to use connection pool in WTC. WTC
uses session and virtual circuit design concept as Tuxedo TDOMAIN, the
logical pool is created/destroyed dynamically. That is the reason why you
can have a lot of TPACALL() outstanding at the same time. (The limitation is
the availability system resource.)
>
>
Thanks,
Suresh Mohan.Regards,
Hong-Hsi :-) -
CSS Load Balancing with Billing Server
Hi Gilles
Could I have a CSS load balancing two servers and also have it communicate with a billing server across the network. If yes then how can I do it?
Regards,
Sushilthe CSS does not have the notion of billing server. A separate device - like the CSG - should be used if you need to collect billing info.
Gilles. -
Load-balancing and fail-over between web containers and EJB containers
When web components and EJB components are run in different OC4J instances, can we achieve load-balancing and fail-over between web containers and EJB containers?
nullIt looks like there is clustering, but not loadbalancing available for rmi
from the rmi.xml configuration. The application will treat any ejbs on the
cluster as one-to-one look-ups. Orion will go out and get the first ejb
available on the cluster. See the docs on configuring rmi.xml (and also the
note below).
That is a kind-of failover, because if machine A goes down, and the
myotherAejbs.jar are on machine B too, orion will go out and get the bean
from machine B when it can't find machine A. But it doesn't go machine A
then machine B for each remote instance of the bean. You could also specify
the maximum number of instances of a bean, and as one machine gets "loaded",
orion would go to the next available machine...but that's not really
loadbalancing.
That is, you can set up your web-apps with ejbs, but let all of the ejbs be
remote="true" in the orion-application.xml file:
<?xml version="1.0"?>
<!DOCTYPE orion-application PUBLIC "-//Evermind//DTD J2EE Application
runtime 1.2//EN" "http://www.orionserver.com/dtds/orion-application.dtd">
<orion-application deployment-version="1.5.2">
<ejb-module remote="true" path="myotherAejbs.jar" />
<ejb-module remote="true" path="myotherBejbs.jar" />
<ejb-module remote="true" path="myotherCejbs.jar" />
<web-module id="mysite" path="mysite.war" />
... other stuff ...
</orion-application>In the rmi.xml you would define your clustering:
<cluster host="230.0.0.1" id="123" password="123abc" port="9127"
username="cluster-user" />
Tag that is defined if the application is to be clustered. Used to set up
a local multicast cluster. A username and password used for the servers to
intercommunicate also needs to be specified.
host - The multicast host/ip to transmit and receive cluster data on. The
default is 230.0.0.1.
id - The id (number) of this cluster node to identify itself with in the
cluster. The default is based on local machine IP.
password - The password configured for cluster access. Needs to match that
of the other nodes in the cluster.
port - The port to transmit and receive cluster data on. The default is
9127.
username - The username configured for cluster access. Needs to match that
of the other nodes in the cluster. -
Which cluster attribute should you modify to ensure that load balancing and
An EJB is targeted to a cluster. Remote EJB clients can therefore take advantage of WebLogic Server’s load balancing and failover capabilities.
However, a proxy server exists between the clients and cluster, which performs IP address transaction.
Which cluster attribute should you modify to ensure that load balancing and failover work correctly?
A. Multicast Address
B. Persistent Store
C. Cluster Address
D. Migration Basis
E. Replication Channelhttp://docs.oracle.com/cd/E13222_01/wls/docs81/config_xml/Cluster.html
Cluster address -
Dual WLAN links with load balancing and failover
Hello,
I am in a scenario where I am in need of two WLAN links between two buildings. There is a distance of 100-150 meters and minimum bandwidth required for both links together is 300Mbit/s. The thing is that both links should use load balancing between them and if one of them goes down, the last one should act as fail over.
I have been looking at Cisco Aironet 1550 Series though I have no idea what is needed to get load balancing and fail over to work, so I am searching here for suggestions on what equipment is needed.
Something like this:
---------------WLAN Link 150-300Mbit/s-----------
Building Load balancing and fail over Building
---------------WLAN Link 150-300Mbit/s-----------
Thanks in advance!Several points.
When an AP is doing 300Mbps, that's NOT the real throughput you have. It's the data rate at which traffic is sent.
All in all, if your AP/client are doing 300MBps association, you will see max 150Mbps with a file transfer.
From there, I'm not even sure that 11n supports dual spatial streams over such long distances (you can't have multipath in open air) so afaik the 1550 only do 150Mbps association rate (=dual channel with one spatial stream). That means 75Mbps real speed.
I couldn't test a 1550 yet so don't take my word for official statement but that's what I'm thinking.
the wireless links will always be both up and they can be on different channels.
That will then mean that it will be "as if" the remote switch was connected directly to the central switch (where WLC is connected) as the WLC tunnels traffic all the way. So you could do a spanning-tree config on this one I guess to block the port onthe remote switch.
Regards,
Nicolas -
Hp laserjet pro m1217nfw and remote desktop printing
hp laserjet pro m1217nfw and remote desktop printing, is there any issues with said function?
whats the problerm you are having??
-
Remote control and remote desktop client in sccm 2012 ?
What is the difference between remote control and remote desktop client in sccm 2012 ?
Remote Control is a built-in feature for SCCM 2012 and uses the RPC protocol. When you use this, the user can still be logged on while helping.
Remote Desktop is a buit-in feature for Windows and uses the RDP protcol. When you use it, the user will be logged off.
Why you would use one over the other depends on your requirements.
Blog: www.danielclasson.com/blog |
LinkedIn:
Daniel Classon | Twitter: @danielclasson -
Load balancing and rfc metadata repository in reciever rfc communication ch
hi.
i want to know the purpose of load balancing and rfc meta data repository in RFC communication channel.
and can u send me any examples on this load balancing.
waiting for your response.
bye.
regards.
seeta ram.Hi Seeta Ram,
Load distribution is handled by the message server (there is one message server in an SAP System). When a user logs on, the message server assigns him or her to the application server that currently has the <b>smallest load</b>.
Well now you can understand that we use load balancing for better performance by distributing the work to different processes to balance or maintain the work load in SAP system.
For more information refer to this link
http://help.sap.com/saphelp_nw04/helpdata/en/28/75153a1a5b4c2de10000000a114084/content.htm
Regards
Sumit Bhutani -
Advantages of using a webserver inbetween a load balancer and application servers
I am building out a new weblogic domain.
I am wondering which one of these configuration to go with:
1. Load balancer > weblogic servers
2. Load balancer > web server > weblogic servers
Could someone tell me what are the specific advantages of having web servers inbetween a load balancer and application servers (besides caching static data content and acting as a proxy)?
Thanks in advance
SriniOther than hosting the static content, nothing much really. We have our load balancer go straight to WL for applications without static content and route to web server if there is static content. Easy enough to do it both ways, best of both worlds.
-
For a true load balancing and high-availability OHS, OPMN, and mod_oc4j
i have read this link of Enabling Clustering on oc4j9.0.4 standalone app server
http://www.oracle.com/technology/docs/tech/java/oc4j/htdocs/getstart.htm#1015479
To test the clustering, start up the load balancer by executing "java -jar loadbalancer.jar".
C:\OC4J_EXTENDED\j2ee\home>java -jar loadbalancer.jar
In a future release of Oracle Application Server, loadbalancer.jar will be
desupported. Because of this, we strongly suggest that you discontinue your use
of loadbalancer.jar in this release. Under high loads, loadbalancer.jar may not
function properly. For a true load balancing and high-availability solution,
please move to use OHS, OPMN, and mod_OC4J. For more information, please see
http://otn.oracle.com/products/ias/ohs/content.html
Balancer initialized...
what load balancer should i use for web clustering
<frontend host="balancer-host" port="balancer-port" />
balancer-host=localhost
balancer-port=80
for all nodes i mentioned same host and port in http-web-site.xml.Is it correct?
i completed all the steps and run http://localhost:6666/session/SessionServlet
i hit 3 times
in the different browser http://localhost:7777/session/SessionServlet
instead of coming 4 it starting from 1 only.can i use this loadbalancer.jar or not?
how to mod_oc4j in standalone app server
Maybe you are looking for
-
How to schedule job V3 unserialised Update job for Inventory
Hi gurus, How to schedule job V3 unserialised Update job for Inventory management What are the things need to be configured Thank you
-
JDBC sender adapter outofmemory error
Dear friends, We are getting following error on JDBC sender Adapter: Error during conversion of query result to XML: java.lang.OutOfMemoryError: Java heap space (failed to allocate 1073741848 bytes) I have read blogs where there have been suggestions
-
I have acrobat professional and photoshop elements. New Mac arrives next week how do I move these from the old machine as I cannot find the product codes
-
Hi, I search for a example/source/demo for calling an Oracle Forms 11 "page" from an ADF (ADF Faces -> *.jspx) page. I use Jdeveloper "Bulldog" with ADF BC and ADF Faces. I need the option to start an oracle forms application (which would build with
-
Can't unzip downloaded Premiere Elements 11
Forum experts, Downloaded Software: Adobe Premiere Elements 11 (full version... not trial version) Computer: Dell XPS M1330 with Win 7 Available hard disk space: 70 GB When the installer program (PremiereElements_11_LS15_win32.exe) tries to unzip the