CSS Sticky-table analysis

We have a CSS 11503 at 7.4.2.02.
It has a number of L3 Sticky rules.
The users or rather their workstations are working 24 x 7.
We would like to work out what is the best sticky-inact-timeout value to use so that we can gracefully close a server (weight = 0) and drain the sticky entries for that backend server.
It would be good to have more information about the life of the sticky-entry in the table. For example when it was first loaded and perhaps the maximum elapsed time value.
Are there any debug commands that can get more information on the sticky-table entries?
Or has anyone got any other ideas on how to find out how long it would take to drain a server without actually setting the weight to zero and seeing what happens?
My last thought is to change the sticky-inact-timeout value on the rule. As I understand it this change, which appears to be dynamic will only impact new sticky sessions. So a show sticky-table should show the new value for new entries where previous sessions elapsed time has exceeded the old value. Measuring the time taken from the change to the rule to the time that the majority of sessions have shifted to the new timeout value should give an indication of the time it would take to drain the majority of users off the server to be closed.
If this is true then the only problem is how to interrogate the sticky-table which can only be paged at 100 entries a time and does not seem to be filterable in normal CLI. Hence the request for more info on Debug mode.

Gilles,
thanks for the response.
However, what I am trying to acheive is a little more than see the sticky-entries as they are displayed using the standard show sticky-table command.
For Layer three sticky entries even if you filter on IP address, you get a single entry in the standard 1 line format. I actually would like to see all entries with a given set of characteristics.
Also for SSL sticky entries there is a Hash argument that allows the ability to see much more information for an individual entry. I cannot find an equivalent for Layer 3 sticky entries.
The inability to search the whole table for certain characteristics without devizing a script with a loop on page count is giving us some interesting challenges. The abscence of information about statistics/timers on each flow is also a bit of a barrier for diagnosis.
Hence the request for more information about the sticky-table debug facilities.
regards
Andrew T

Similar Messages

  • Question about the CSS behavior when using layer 3 sticky and sticky table

    Hi everyone,
    I have a question about the CSS behavior when using layer 3 sticky and sticky table is full.
    If I configure layer 3 sticky and specify the inactivity timeout as below, how does the CSS
    handle subsequent needed sticky requests ?
    advanced-balance sticky-srcip
    sticky-inact-timeout 30
    CSS document says that
    Note:
    If you use the sticky-inact-timeout command to specify the inactivity timeout
    period on a sticky connection, when the sticky table becomes full and none of
    the entries have expired from the sticky table, the CSS rejects subsequent
    needed sticky requests.
    My question is what is the next reaction by doing the CSS if the CSS is in the
    following condition:
    when the sticky table becomes full and none of the entries have expired from
    the sticky table, the CSS rejects subsequent needed sticky requests
    Does CSS just rejects/drops subsequent needed sticky requests ?
    or
    Does CSS does not stick subsequence requests to particular service but CSS forward
    subsequence requests with round-robin basis ? which means if the sticky table is full,
    the CSS just works round-robin load balancing fashion for subsequence requests ?
    Your information would be appreciated.
    Best regards,

    Hello,
    There is a good document explaining this on Cisco web site
    http://www.cisco.com/en/US/products/hw/contnetw/ps789/products_tech_note09186a0080094b4b.shtml
    It depends if the sticky-inact-timeout is used or not. If not, it's FIFO (the oldest entry in the sticky table is removed). If yes, the CSS will reject the next sticky request.
    Rgds,
    Gaetan
    Rgds
    Gaetan

  • CSS 11501 clear sticky table

    How can i clear the sticky table on this CSS? Is it even possible? I am only running version 7.1 so I do not even have the show sticky-table commands.

    I think your commands are for the CSM. Or possibly a newer OS version for the CSS...one that i'm not running.
    However, in case anybody does come across this thread in the future, I was able to get an answer from TAC. The command is as follows...
    CSS# llama (press enter)
    CSS(debug)# sticky-purge all-sticky

  • Exploring CSS 11503 sticky table / sticky mask

    Hi All
    I am currently undergoing some testing with a client.
    We have a VIP load balancing 8 instances. We are testing with the following configs
    content test-test
        add service a
        add service b
        add service c
        add service d
        add service e
        add service f
        add service g
        add service h
        vip address 10.10.10.1
        flow-timeout-multiplier 225
        sticky-mask 255.255.255.252
        redundant-index 1000
        port 443
        protocol tcp
        advanced-balance sticky-srcip-dstport
        sticky-inact-timeout 360
        balance leastconn
    active
    We  have traffic been sourced from 32 IP addresses and want all 8 instances  to be used/hit, but this is not happening in all instances.
    (from the above config, 4 consecutive IPs will be stuck to the same instance based on the sticky mask -- yes?)
    For instance I would expect the following: with the Test IP addresses used based on the sticky mask:
    10.120.1.168
    10.120.1.169
    10.120.1.170
    10.120.1.171 
    (to be stuck to maybe instance a)
    10.120.1.176
    10.120.1.177
    10.120.1.178
    10.120.1.179
    (to be stuck to maybe instance b)
    I have tried the following command during tests:
    show sticky-table l4-sticky ipaddress 10.10.10.1  255.255.255.252  443
    and get an empty table back.
    L4 Sticky List on Slot 1, subslot 1:
    Entries for page 1.
    Entry   Hash    Rule Rule  Srv  Srv      Time(Sec)     Hit Col  Elem Inact
    Number  Value   Indx State Indx State    Elapsed       Cnt Cnt  Type Cfg(Min)
    Total number of entries found is 0.
    L4 Sticky List on Slot 2, subslot 1:
    Entries for page 1.
    Entry   Hash    Rule Rule  Srv  Srv      Time(Sec)     Hit Col  Elem Inact
    Number  Value   Indx State Indx State    Elapsed       Cnt Cnt  Type Cfg(Min)
    Total number of entries found is 0.
    I would like to ascertain what source IP address is been stuck to what load balanced instance at any one time.
    I have tried looking at the flow table but, that clears out quite quicky so not really an accurate method.
    Thanks!

    Hi All
    I am currently undergoing some testing with a client.
    We have a VIP load balancing 8 instances. We are testing with the following configs
    content test-test
        add service a
        add service b
        add service c
        add service d
        add service e
        add service f
        add service g
        add service h
        vip address 10.10.10.1
        flow-timeout-multiplier 225
        sticky-mask 255.255.255.252
        redundant-index 1000
        port 443
        protocol tcp
        advanced-balance sticky-srcip-dstport
        sticky-inact-timeout 360
        balance leastconn
    active
    We  have traffic been sourced from 32 IP addresses and want all 8 instances  to be used/hit, but this is not happening in all instances.
    (from the above config, 4 consecutive IPs will be stuck to the same instance based on the sticky mask -- yes?)
    For instance I would expect the following: with the Test IP addresses used based on the sticky mask:
    10.120.1.168
    10.120.1.169
    10.120.1.170
    10.120.1.171 
    (to be stuck to maybe instance a)
    10.120.1.176
    10.120.1.177
    10.120.1.178
    10.120.1.179
    (to be stuck to maybe instance b)
    I have tried the following command during tests:
    show sticky-table l4-sticky ipaddress 10.10.10.1  255.255.255.252  443
    and get an empty table back.
    L4 Sticky List on Slot 1, subslot 1:
    Entries for page 1.
    Entry   Hash    Rule Rule  Srv  Srv      Time(Sec)     Hit Col  Elem Inact
    Number  Value   Indx State Indx State    Elapsed       Cnt Cnt  Type Cfg(Min)
    Total number of entries found is 0.
    L4 Sticky List on Slot 2, subslot 1:
    Entries for page 1.
    Entry   Hash    Rule Rule  Srv  Srv      Time(Sec)     Hit Col  Elem Inact
    Number  Value   Indx State Indx State    Elapsed       Cnt Cnt  Type Cfg(Min)
    Total number of entries found is 0.
    I would like to ascertain what source IP address is been stuck to what load balanced instance at any one time.
    I have tried looking at the flow table but, that clears out quite quicky so not really an accurate method.
    Thanks!

  • CSS 11500 - how to clear sticky-table entry

    Hi together,
    1. is there any possibility to clear an entry in the sticky table ?
    2. how could I find a sticky table entry, belong to a certain IP Addres or flow ?
    commands I know to find more details infos about the sticky table and the flows find below, but how could I merge these infos ?
    #sh sticky-table l3-sticky
    L3 Sticky List on Slot 1, subslot 1:
    Entries for page 1.
    Entry Hash Rule Rule Srv Srv Time(Sec) Hit Col Elem Inact
    Number Value Indx State Indx State Elapsed Cnt Cnt Type Cfg(Min)
    1 a18015a 26 ACT 23 ALIVE 659 1 0 L3 15
    2 a18015a 28 ACT 12 ALIVE 43 19 0 L3 15
    3 a18016d 28 ACT 13 ALIVE 16 22 0 L3 15
    4 a180170 26 ACT 12 ALIVE 727 1 0 L3 15
    5 a180170 28 ACT 13 ALIVE 37 20 0 L3 15
    6 a180171 28 ACT 12 ALIVE 46 24 0 L3 15
    7 a180188 26 ACT 24 ALIVE 695 1 0 L3 15
    for the flows:
    # flow-agent show active_fcbs
    Flow ID Src IP SPort Dst IP DPort Pr slot sub spt dpt Flow flg
    8499f000 172.29.149.144 443 172.21.211.155 52988 6 2 1 1 1 00000098
    83e0c860 172.19.28.47 1107 172.29.149.144 443 6 2 1 1 1 00001098
    84049a40 172.29.148.149 389 172.29.27.133 35292 6 2 1 1 1 00000119
    83b97160 172.28.19.130 4647 172.29.149.144 81 6 2 1 1 1 00001089
    84588ae0 172.29.27.133 6101 172.29.148.167 33054 6 2 1 1 1 00000508
    # flow-agent show fcb_details 0x83650080
    Fcb Details for FCB: 0x83650080
    SRC: 172.29.148.149-389 NAT: 172.29.149.136-389
    DST: 172.29.27.133-40833 NAT: 172.29.27.133-40833
    DMAC: 00-01-f4-16-e5-e6 SMAC: 00-0b-fd-be-c6-7d
    IP Hdr ChkD: 65292 TCP/UDP Hdr ChkD: 65292
    TCP SequenceD: 0 Task CE: 0
    BytesIn: 1460 Frames In: 14
    Dest VLAN: 101 Src/Dst Ports: 0/0
    Slot/SubSlot: 2/1 SmbQ/PrcSwP: 32/1
    Time Stamp / Time Out Info:
    CurSecs: 1846643:342, started: 1793589:504 last activity: 1845164
    May timeout due to inactivity: Yes , inactiveTimeout: 1048528
    Inactive Secs: 1479, will timeout in: 1047049 secs
    FCB Flags: 0x0119
    0x0001 - Natting In Use
    0x0000 - NOT L5 Aware
    0x0000 - Non-Spoofed
    0x0008 - IP/TCP Flow
    0x0010 - Remote - Egress port
    0x0100 - In LL List
    0x0000 - Server-side
    FCB FlaFlags: 0x8040
    0x0040 - Is a static FCB
    0x8000 - Handled an ACK

    1/ to clear use the comand 'sticky-purge ...' from llama mode.
    2/ To see if an entry exist of a particular ip address, use the command 'sho sticky-table l3-sticky ipaddress ...'
    Regards,
    Gilles.

  • CSS SNMP counter "apCntStickyStatsNewCt".. query on sticky table entry lifetime.

    Hello,
    Can someone confirm the meaning of SNMP counter "apCntStickyStatsNewCt" please? Does it just mean that for every new sticky table entry created that this counter gets incremented ?
    My understanding is that there is a finite number of sticky table entries. There is one table for all entries and these can be made up of L3, L4, SSL etc.. and it operates on a First-In-First-Out system.
    Assuming we fill all available sticky table slots, when this "apCntStickyStatsNewCt" counter increments and inserts a new sticky entry then the oldest sticky table entry gets removed from the end of the of the table. Is this correct ?
    By taking a delta of this counter every 60 seconds I'm trying to determine if this counter can be used to work out how long a sticky entry will remain in the sticky table before being purged/pushed out.
    The full namepsace/OID info for apCntStickyStatsNewCt is below:
    Name  .iso.org.dod.internet.private.enterprises.cisco.ciscoMgmt.arrowPoint.apMgmt.cntExt.apCntStickyStatsTable.apCntStickyStatsEntry.apCntStickyStatsNewCt
    (OID .1.3.6.1.4.1.9.9.368.1.16.25.1.2)
    Many thanks,
    Scott

    Hi Gilles,
    Thank you very much for your pointing and suggestion and I am sorry for my delay response.
    I understand there are two kind of CLI on CSM depend on using CSM mode or RP mode.
    - show command begins with "show ip slb" when using CSM mode (ip slb mode csm)
    - show command begins with "show mode csm x" when using RP mode (ip slb mode rp)
    And "show mod csm x sticky config" command can be done on RP mode only.
    So I tried to "show ip slb sticky config" command on CSM mode, but I could not find
    "config" argument as follows,
    ct65svf1#sh ip slb sticky ?
    client sticky associated with a specific client IP address
    groups list configured sticky groups
    | Output modifiers
    ct65svf1#sh ip slb sticky
    So I think, on CSM mode, I can not calculate the amount of sticky entry by executing one
    show command.
    Is my understanding correct ?
    Best regards,

  • CSS 11501 - 32,000 sticky table entries or 128,000?

    The product guide below says the sticky table has either 32,000 or 128,000 entries depending on your model but then doesn't spell out which model has which.
    This figure also appears unavailable on their product data sheet. Anyone know the skinny?
    http://www.cisco.com/en/US/products/hw/contnetw/ps792/products_qanda_item09186a00801aa6d1.shtml
    http://www.cisco.com/en/US/prod/collateral/contnetw/ps5719/ps792/product_data_sheet0900aecd800f851e.html

    I found my own answer. Looking at the "show sticky-stats" - it looks like 131,071 is the magic number.
    CSS11501# show sticky-stats
    Sticky Statistics - SFM Slot 1, Subslot 1:
    Total number of new sticky entries is 0
    Total number of sticky table hits is 0
    Total number of sticky rejects (no entry) is 0
    Total number of sticky collision is 0
    Total number of available sticky entries is 131071
    Total number of used sticky entries is 0
    Total L3 sticky entries are 0
    Total L4 sticky entries are 0
    Total SSL sticky entries are 0
    Total WAP sticky entries are 0
    Total number of SIPCID sticky entries is 0

  • Can I see how long the longest entry has been in the sticky table ?

    Hi,
    I have a customer who has a possible issue with the sticky inactivity timeout on the CSS. At the moment we are using no timeout, just relying on the CSS to purge the entries.
    However, is it possible to see how long the longest entry has been in the sticky table. I can see the 'elapsed time' with the 'show sticky' command but this only shows 100 entries per time and not in time order ?
    Thanks in advance for any help

    Michael,
    You can use the command "show sticky-table" with L3 or L4 options, depending on what you have configured, then add ip addressing to the command, to focus down to where the oldest sticky entries are likely to be, but theres no other way. If your problem is having too many entries, configure a sticky timeout, as the default of 0 will keep then forever, or until overwritten due to the table being full. If the problem is sticky entries timing out too early, you can use the timeout parameter to increase their life, but the sticky table is limited to 32k entries.
    Peter

  • HTTP Sticky Table entries

    All,
    When using the advanced-balance ssl method, I can issue the command show sticky-table all-sticky and see the sticky information entered there.
    I have been trying to setup the equivilent with HTTP for the last few days. I have used the advanced-balance cookies method and the advanced-balance arrowpoint-cookies method.
    Although I see the cookies getting set in the packet traces, the CSS does not create an entry in the sticky table.
    My question is: Should I see entries in the show sticky-table all-sticky when using these methods?
    Thanks in advance.

    there is no sticky table for cookie sticky.
    The cookie value contains the sticy information [ie: the ip address of the real server].
    So no need for sticky table.
    Regards,
    Gilles.

  • Is sticky table really FIFO ?

    Hi, looking at my sticky table on the CSS I can see entries that have been in their for an extremely long time - 3810341 seconds = 44 days.
    We have many services on the CSS but one service on the CSS has 14,000 logons per hours, with a 32K sticky table I would expect entries to get purged within the day ?
    Can anyone explain this behaviour ?
    cheers,
    Mike

    Hi Gilles,
    First thing, we actually have 288Mb of memory so we have 128K sticky entries, not 32K.
    I just spoke with the server guys and they have a total amount of users of 100,000 so it is possible the entries stay in the table for a long time as the other services do not have so many users.
    We do not have sticky-inact-timer set but we are looking to do this for this service to see if the load on the servers becomes more equal.
    CONTENTSWITCH(debug)# show sticky-stats
    Total number of available sticky entries is 0
    Total number of used sticky entries is 131071
    Total L3 sticky entries are 131071
    Total L4 sticky entries are 0
    Total SSL sticky entries are 0
    Total WAP sticky entries are 0
    Total number of SIPCID sticky entries is 0
    One other question, if a sticky entry exisit for Client A going to Server A, then server A fails. Client A will get redirected to Server B. Will the original sticky entry be overwritten with this new one ? I would expect so.
    cheers,
    Mike

  • Apparent gap below CSS sticky footer in IE?

    I've been testing CSS "sticky footer" solutions I found on the Web. The one I picked works in the four browsers I checked with (Firefox, Chrome, Opera and IE) but there's one possible glitch. In IE 8. I'm seeing what appears to be a small gap between the footer and the bottom of the browser window. My Color Cop utility says neither of the two colors in that gap match anything specified in the CSS. I've included a screen capture, and a link if you have IE installed. I'd like to know if this is a problem with IE (who woulda thunk?) or something inherent in the look of IE's browser window?
    http://dreamweaverresources.com/tutorials/sticky-footer/

    I assume "browser chrome" means the imagery used to create the "pieces" of the browser's appearance outside the browser window contents.
    Yes.
    http://www.expression-web-tips.com/what-is-browser-chrome/
    But, if by scrollbar you mean the sliding blue rectangle on white background with a directional arrow on either end, I don't see that anywhere -- side or bottom -- when I view that link in IE 8?
    You'll see it if you shrink the height of your browser below a certain dimension.
    I saw it on my widescreen monitor.

  • DVM Cockpit - table analysis

    Hello experts,
    I'm currently configuring the DVMC on an SAP Solution Manager 7.01 system.
    Within the step "DVM Cockpit: Table Analysis", I must indicate "age of records", "archiving potential" and "deletion potential".
    I only want to go for age of records. Is that correct?
    When saving, I get an error message saying:
    The parameter "Table Name" is mandatory.
    The parameter "Archiving Object" is mandatory.
    The parameter "Execution Mode" is mandatory.
    The parameter "Scenario Title" is mandatory.
    The parameter "Max.Age of TAANA" is mandatory.
    The parameter "Detail Analysis Mode" is mandatory.
    The parameter "Max.Age of DANA" is mandatory.
    Which tablename I should enter?
    Thanks a lot.
    Dimitri

    Hi Raghavan,
    you should be able to find the guide under
    http://service.sap.com/~form/sapnet?_SHORTKEY=01100035870000724737&_OBJECT=011000358700000171052010E
    Regards
    Steffen

  • How to create a multi-page collapsible & CSS styleable table of contents box?

    How to create a multi-page collapsible & CSS styleabe table of contents box?
    Is there a tool available for Dreamweaver or for standalone operation that can create for multi-page articles a collapsible & CSS styleabe table of contents box based on the page titles?

    You could do this with jQuery.
    Table of Contents -
    http://www.downloadjavascripts.com/list/javasiteccc68/Details.aspx
    Collapsible Panels, Tables & Accordions -
    http://www.downloadjavascripts.com/Collapsible_And_Free_Accordion_Panels.aspx
    Nancy O.
    Alt-Web Design & Publishing
    Web | Graphics | Print | Media  Specialists
    www.alt-web.com/
    www.twitter.com/altweb
    www.alt-web.blogspot.com

  • CSS sticky position

    I'm trying to create a navigation bar that is initially down the page and as the user scrolls the navigation bar remains pinned to the top of the browser. An example are shown here, in a CSS demo http://demo.hongkiat.com/css-sticky-position/index2.html and then here is a complete website that uses this: http://albanyrisk.com/
    On the second example (albanyrisk.com) the navigation bar initially seems pinned to the footer, and then moves to the header when scrolling – ideally, this is the effect I'm trying to achieve.
    Any help greatly appreciated!
    Thanks
    Steve

    Hi,
    Try this tutorial: http://www.youtube.com/watch?v=c-SD489AGa8
    Abhishek

  • Identifying source IP in sticky table on ACE

    Hi,
    A newbie question :-)
    How can I see a real source IP address of a sticky table entry on ACE running 2.1.1 code?
    If I do "show sticky database" I see a hash value, but not IP itself. In CSM the command shows the source IP, but not on ACE....
    Thanks!
    David

    Well there is no command to get what you are looking for. Infact you can find a bug CSCsg58769 in this regard in bugtoolkit.
    Previously it used to be IP in decimal format and was needed to be converted to IP dotted quad."I think" some change has been made to the code.
    There are some other ways to workaround it
    for example
    If you want to see stciky database entries for a given client ip you can use
    sh sticky database client
    If you want to see stciky database entries for a given rserver you can use
    sh sticky database rserver
    Syed Iftekhar Ahmed

Maybe you are looking for

  • Can't log in with my password

    A week ago I wan unable to log into my computer becuase the password would no longer work.  I know I might be entering the wrong password, but I was locked out in three different places and i was able to change the password there.  Please help! How c

  • Please help me with formatting the os 10.6.8 without the cd..unable to open any application and i dont have the installation cd.

    Hi I am using mac 10.6.8 and unable to open any application as well as system preferences. I don't have the cd's as well. So tell me what can i do i want to reinstall my os without the cd. Please help

  • Oracle 8i is not installing

    Dear Sir, Oracle 8i is not installing in my system. The setup comes within a fraction of seconds without raising any error . I have PIV 1.5 GHZ with 128 MB RAM. I tried with Win NT,Win 2000, Win 2000 Advanced Server, Win XP but i faced the same probl

  • Two frames open

    hi, i have got a problem with a program i am developing, i have got a JFrame and one of the buttons opens up another JFrame. the problem i am having is that the second window does not open properly. The panel shows but all the information on it is ab

  • Extremly slow mp3 transfer to my muvo v

    Hello! I got my "muvo v200" a vew days ago and since i installed it correctly (i think so (- it doesn?t work right. The transfer of the first 0 mp3s (each 3-4MBs) worked fine, but then it began to stop for about 30 seconds, goes on, stops, goes on, a