IOS NAT Load Balancing w/ Failover Problem

Greetings, I am currently using the configuration below to provide failover between two DSL connections. All is working fine, but I had expected outbound connections to be load balanced between the two DSL links on a round-robin basis; however, looking at the NAT translations shows that only one of the links is being used. Failover, on the other hand, works without issue.
track 1 ip sla 1 reachability
interface FastEthernet0/0
 ip address 10.50.1.254 255.255.255.0
 ip nat inside
 ip tcp adjust-mss 1452
interface FastEthernet0/1
 ip address 192.168.1.6 255.255.255.0
 ip nat inside
 ip tcp adjust-mss 1452
interface Dialer0
 description WAN Interface
 mtu 1492
 ip address **********
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat outside
 encapsulation ppp
 dialer pool 1
interface Dialer1
 description WAN Interface
 mtu 1492
 ip address **********
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat outside
 encapsulation ppp
 dialer pool 2
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 212.74.102.15 track 1
ip route 0.0.0.0 0.0.0.0 213.246.177.200 10
ip nat translation timeout 2
ip nat translation tcp-timeout 2
ip nat translation udp-timeout 2
ip nat translation icmp-timeout 2
ip nat inside source route-map opal interface Dialer1 overload oer
ip nat inside source route-map pipex interface Dialer0 overload oer
ip access-list extended dynamicNat
 permit ip 10.50.1.0 0.0.0.255 any
 permit ip 192.168.1.0 0.0.0.255 any
 deny ip any any
ip sla 1
 icmp-echo 212.74.102.15
 frequency 5
ip sla schedule 1 life forever start-time now
route-map opal permit 10
 match ip address dynamicNat
 set ip next-hop 213.246.177.200
route-map pipex permit 10
 match ip address dynamicNat
 set ip next-hop verify-availability 212.74.102.15 1 track 1
Any assistance would be much appreciated.
Regards

Hi
Thank you for this post, man! This has been so useful. I experienced almost the same problem: the router was load balancing well, but the failover was not occurring well between both equal default routes.
After using those commands (ip nat translation timeout for tcp, icmp and udp), the whole system has worked properly. Yeah, you need a big bottle of Jack Daniel :) The funniest thing is that this helped me 5 years after...!
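
An added example (not part of the original posts and not Cisco code): a Python model of how the two static default routes in the posted configuration are selected for the routing table. It assumes standard IOS static-route behaviour (default administrative distance 1, a tracked route withdrawn while its track object is down, only the lowest-distance candidates installed); the function names and the equal-distance variant are constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# The two static default routes, copied from the configuration in the post.
CONFIG = """\
ip route 0.0.0.0 0.0.0.0 212.74.102.15 track 1
ip route 0.0.0.0 0.0.0.0 213.246.177.200 10
"""

# Constructed variant (assumption, not from the post): the same routes with
# the explicit distance removed, so both use the default distance of 1.
EQUAL_DISTANCE_CONFIG = CONFIG.replace("213.246.177.200 10", "213.246.177.200")

# ip route <prefix> <mask> <next-hop> [distance] [track <object>]
ROUTE_RE = re.compile(
    r"^ip route (?P<prefix>\S+) (?P<mask>\S+) (?P<next_hop>\S+)"
    r"(?: (?P<distance>\d+))?(?: track (?P<track>\d+))?\s*$"
)


@dataclass(frozen=True)
class StaticRoute:
    prefix: str
    mask: str
    next_hop: str
    distance: int          # administrative distance (1 when not configured)
    track: Optional[int]   # track object number, or None if untracked


def parse_static_routes(config: str) -> List[StaticRoute]:
    """Parse 'ip route' lines; any other configuration line is ignored."""
    routes = []
    for line in config.splitlines():
        m = ROUTE_RE.match(line.strip())
        if m:
            routes.append(StaticRoute(
                m["prefix"], m["mask"], m["next_hop"],
                int(m["distance"]) if m["distance"] else 1,
                int(m["track"]) if m["track"] else None,
            ))
    return routes


def installed_next_hops(routes: List[StaticRoute],
                        track_up: Dict[int, bool],
                        prefix: str = "0.0.0.0",
                        mask: str = "0.0.0.0") -> List[str]:
    """Return the next hops that end up in the routing table for a prefix.

    A tracked route is a candidate only while its track object is up
    (an object missing from track_up is treated as down). Among the
    candidates, only those with the lowest distance are installed.
    """
    candidates = [
        r for r in routes
        if (r.prefix, r.mask) == (prefix, mask)
        and (r.track is None or track_up.get(r.track, False))
    ]
    if not candidates:
        return []
    best = min(r.distance for r in candidates)
    return sorted(r.next_hop for r in candidates if r.distance == best)


POSTED = parse_static_routes(CONFIG)
EQUAL = parse_static_routes(EQUAL_DISTANCE_CONFIG)

if __name__ == "__main__":
    for label, routes in (("posted", POSTED), ("equal distance", EQUAL)):
        for up in (True, False):
            hops = installed_next_hops(routes, {1: up})
            print(f"{label:15} track 1 {'up' if up else 'down':4} -> {hops}")
```

With the posted distances the two next hops are never installed together, which is consistent with translations appearing on one link only while failover still works; both appear together only in the constructed equal-distance variant.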

Similar Messages

  • Load balancing and Failover

    Hello,
    We are wondering how load-balancing and failover of tpcall() work with
    WTC:
    The scenario:
    We have one WLS Domain and two Tuxedo Domains. The Tuxedo Domains offer
    the same set of services.
    In the bdmconfig.xml, we specify connection_policy as 'ON_STARTUP' for
    both Remote Tuxedo Domains. We also Import (T_DM_IMPORT) the same
    Tuxedo Service from both Tuxedo Domains.
    Questions:
    1. Is there any load-balancing of the tpcall between the two Domains? If
    so, is it round-robin? If round-robin, what determines the order?
    2. If it is ONLY Failover, what determines the order of the tpcall? And,
    is the Failover automatic? Or do we need to code for retry on failure?
    3. ON_DEMAND vs ON_STARTUP: Does ON_DEMAND drop the connection to the
    remote domain upon tpterm? And does ON_STARTUP use a pool of
    TuxedoConnection objects?
    4. Are there any configuration parameters for
    'max_number-of_connections? What determines how many simultaneous
    connections can be made?
    Thanks,
    Suresh Mohan.

    Hi Suresh,
    The following are my answers to your questions.
    Suresh Mohan wrote:
    > Hello,
    > We are wondering how load-balancing and failover of tpcall() work with
    > WTC:
    > The scenario:
    > We have one WLS Domain and two Tuxedo Domains. The Tuxedo Domains offer
    > the same set of services.
    > In the bdmconfig.xml, we specify connection_policy as 'ON_STARTUP' for
    > both Remote Tuxedo Domains. We also Import (T_DM_IMPORT) the same
    > Tuxedo Service from both Tuxedo Domains.
    > Questions:
    > 1. Is there any load-balancing of the tpcall between the two Domains? If
    > so, is it round-robin? If round-robin, what determines the order?
    Yes there is a load balancing between two remote Tuxedo TDomain Gateways.
    The algorithm is random, not RR. Over time this should give equal
    opportunities to both remote TDomain.
    > 2. If it is ONLY Failover, what determines the order of the tpcall? And,
    > is the Failover automatic? Or do we need to code for retry on failure?
    The load balancing is always there. The failover is automatic. When a
    connection to a remote TDomain encountered a problem (ie network) the remote
    domain will be put on retry open connection (in ON_STARTUP) and the load
    balancing will not select it until the connection re-established.
    However, the tpcall() that encountered the error will not be retried to send
    to different destination. It is up to the application to decide whether it
    want to resend. Any requests called after the error will not select the
    failed Remote TDomain.
    > 3. ON_DEMAND vs ON_STARTUP: Does ON_DEMAND drop the connection to the
    > remote domain upon tpterm? And does ON_STARTUP use a pool of
    > TuxedoConnection objects?
    TPTERM() only terminate your application session to WTC. WTC still maintain
    a secured T-session to remote Tuxedo TDomain. WTC does not use a pool of
    TuxedoConnection Objects, the object stored in the JNDI refers to WTC.
    > 4. Are there any configuration parameters for
    > 'max_number-of_connections? What determines how many simultaneous
    > connections can be made?
    No. As described in #3, there is no need to use connection pool in WTC. WTC
    uses session and virtual circuit design concept as Tuxedo TDOMAIN, the
    logical pool is created/destroyed dynamically. That is the reason why you
    can have a lot of TPACALL() outstanding at the same time. (The limitation is
    the availability system resource.)
    > Thanks,
    > Suresh Mohan.
    Regards,
    Hong-Hsi :-)

  • IChat Load Balancing or failover solution?

    Hello, I am working on a plan to develop an iChat server. I think a Mac Mini would be a good start for a group of 50 users. The users are all over the country and my role is to unite them all in an iChat domain. I thought about building two Mac Mini servers and having them run the same domain where all users are registered. So, we would not be impacted when one of them goes down.
    Anyway, the question is how can I have a load balancing or failover solution for the iChat domain?

    On the issue of load balancing, whilst I don't have any experience with macMini's, you will not need to worry about load balancing with 50 users. I'm sure you can probably put a few naughts on the end of that before you need to worry.
    The design you are proposing will not work for iChat services / and for that matter most of Apple server services. For high availability services (e.g. transparent failover) I think you are going to struggle to get this working and it 'seems' Apple no longer offers guidance on this subject on 10.6.x.
    You will increase availability by using an Xserve with dual PSUs and raid disks. If you are only running high availability ichat services, I would buy a pair of second hand xserves with 10.5 OS and set the ipfailover services running. Personally I would buy one and a service kit and not bother with HA - as you will find the servers are very reliable.
    If you have to use mini's then just have one live and keep a near constant clone of it on another ready to manually swap out if you have a hardware failure.
    Your proposed design will not work without a lot of effort, none of which is supported by Apple - although it would be rewarding if you did get it working. You cannot have server to server traffic for the same domain as all your application data needs to be stored centrally. OD only provides services for authentication. The ichat server also has its own data store and this is not distributed nor can it be. It is possible to move the data store over to say an enterprise version of mysql and have that distributed.

  • Load Balancing and Failover with 10G Standard Edition

    Hi,
    I am new to Oracle Replication and need some help setting up replication for load balancing and failover. Is this possible using Oracle 10G Standard Edition? I plan on having all updates done on the master site and both databases will be for reads. In case of failure of the master site, I would need to be able to failover to the other database.
    Also, if anyone knows of any documentation for Basic Replication in 10G, please let me know.
    Thanks.

    Simple snapshot replication of data would require significant manual effort to configure to load balance or failover. On the load balancing side, you would generally be limited to static load balancing -- assigning half the users to one machine and the other half of the users to the other machine, regardless of who is actively using the machine. Failover would be a significant manual effort, particularly to bring the failed machine back into the cluster. You would be implementing the guts of multi-master replication.
    Frankly, if you actually have a system which is valuable enough to need load balancing and disaster recovery, I'm going to wager that it will be far cheaper even in the short run to buy more boxes and/or enterprise edition licenses than to try to implement this sort of thing yourself. In the long run, it will be far cheaper, since it will be far easier to maintain. Building all this yourself would probably be penny wise and pound foolish.
    Justin
    Distributed Database Consulting, Inc.
    http://www.ddbcinc.com/askDDBC

  • Load balancing and failover in Embedded LDAP in weblogic

    How to handle load balancing and failover in Embedded LDAP in weblogic server?

    You should consider posting this to the Weblogic and/or LDAP support forums. This forum is meant for Sun Web Server questions.
    Thanks
    Manish

  • Network Load Balancing and failover for AFP Sharing

    Dear all,
    Somebody kindly teach me to use round robin DNS to perform the network load balancing, it's success but not the failover.
    I have 4 xserve and want to do the load balancing and failover at the same time.
    I have read the IP failover document and setup it successfully, but anyone know is it possible to do the IP failover for more than 2 server?
    For example, 4 servers serving the AFP service at the same time, maybe I have 1 more extra server to do the IP failover for those 4 servers.
    As I know, IP failover require Firewire as the heartbeat detection. But one xserve only have 2 firewire ports. May I setting up the IP failover only by a ethernet port and an IP address? does it possible to detect and failover to any server after server down has been detected?
    I believe load balancer maybe the best solution but its cost is too high.
    Thanks in advance!
    Karllee

    well, u have 2 options here
    software load balancing
    request comes it foo.com -> ws7u2 hosting foo.com is configured to run as reverse proxy . this server sends any incoming requests to one of the four back end web server 7 handling your incoming request
    hardware load balancing (this you need to invest)
    request comes to hardware load balancer who responds for foo.com -> sends requests to four ws7 server hosting your application
    you could try out how software load balancing works out for you before you invest in hardware load balancing
    here is more instruction on configuring ws7 + reverse proxy (software load configuration)
    - install ws7 on foo.com
    - create a new configuration (choose port 80, disable java

  • Load Balancing and Failover in RMI.

    Hi All,
    I have just one RMI object doing mathematical
    calculations.I want failover (and perhaps load
    balancing also) for this rmi object.Few Application
    servers(like weblogic) provide a wrapper over sun's
    rmi to produce replica aware rmi stubs but they force
    to use vendor specific (like weblogic rmi-registry)
    rmi-registry, which runs within the app server.
    My problem is :
    I dont want to run the whole app server to just run
    one rmi object ?
    Is there a way using which I can make replica aware
    rmi stubs without using the app server ?
    Thanks in advance for the help !!
    Regards
    Rais

    Your question is pretty vague. In case you are trying to do load balancing using load balancers then your application layer is actually supposed to be blind as far as the working of the networking layer is concerned (and that's where the load balancers exist). Then the question would also be whether you want to achieve this to make the system highly available or to make it more resilient and improve performance. There would be different implementations for both of them. However, if you are planning to introduce load balancing programmatically you need to start more than one RMI service.

  • Load Balance and failover over 2 lines.

    We have 2 x Cat 6509 with Sup720 and are running Native IOS.
    On Switch A, we have a 1GB link configured as an access link on Vlan 2 to DR site connected to a Cat 3550
    On Switch B, we have a 1GB Link configured as a trunk to the same DR connected to another Cat 3550
    We configured devices to be in VLAN 2 as we want them to use the 1GB link. And the 2nd 1GB link is a logical extension of our main site.
    Now, I want to configure these 2 x 1GB link so that they now act as failover as well as Load balancing.
    1. How do I do this?
    2. Will I need to move the 1GB link on Switch A to switch B
    3. Should I configure the Switch A link also as Trunk?
    Please help.
    Thanks

    Do your 3550s run EMI or SMI? If they run EMI, why not run dynamic routing protocol between the 3550s and the 6500s? OSPF would be a good one to use, if you have hierarchical IP addressing. If your addressing is not hierarchical, then use EIGRP.
    Other than this, the only other possible way I can think of is GLBP (http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_white_paper09186a00801541c8.shtml)
    Prior to GLBP, you could also have used HSRP. But it's a bloody nuisance to configure, 'cuz you need to configure two different HSRP groups for the same pair of switches, then manually assigning different hosts/PCs to use different default gateways. As I said, bloody nuisance.
    HTH.

  • Load balancing and RFC problem

    Hi!
    I have a problem regarding load balancing and RFCs. We use the following function in librfc32.dll (from VB6) for RFC calls: RfcOpenExt. It's working fine, no problem, but from now on we will have to use this function due to load balancing: RfcOpenExtV3
    The only difference between the two functions is the parameters. RfcOpenExtV3 has 5 additional parameters:
    intLoadBalance1, strLbHost1, strLbSysName1, strLbGroup1, intSapGui1
    I asked our tech guys for the details so that I can set up the parameters (double checked everything) and RfcOpenExtV3 doesn't work. The return value is zero.
    Has anybody faced this issue before?
    Thanks in advance!

    Hi,
    1. Probably this  link may help.
    [http://help.sap.com/saphelp_nw04/helpdata/en/22/042f18488911d189490000e829fbbd/content.htm]
    Especially see the function parameters on this page,
    which are the bottom.
    regards,
    amit m.

  • Distributed HA cluster with load-balancing and failover: advice?

    My workplace has a Xeon Xserve, which acts as our primary external server, with an attached ActiveStorage XRAID. We have just purchased a second Xserve/XRAID set to act as a mirror, which we will colocate. Both have Leopard Server installed, along with an array of additional software.
    What we want to do is have both servers load-balance between the two, with failover in case of a server or XRAID fault. I plan on using RSYNC to mirror static files between the two, and I'm looking into PostgreSQL replication and load-balancing solutions for our database. I gather that Apache supports web-server failover and load-balancing, as well. But, that still leaves the actual host and network setup to arrange.
    Does Leopard server support such a thing? The only information I found on IP failover instructs the user to place the two servers on the same subnet, directly connected via ethernet cable; obviously, this would not work in my case.
    Ideally, what we'd end up with is a situation in which the two systems kept each other in sync, both in static files and database data, and load-balanced between themselves; in cases of failure, the remaining system would transparently assume all duties until the other was restored, at which time they would resynchronize
    Any suggestions on how I could arrange such a thing?

    Interesting. Does this DNS-based approach support session tracking, though? I would need to have a user directed to just one of the two servers for the duration of their session, to avoid having to synchronize temporary files and such.
    You can't have it both ways. You need to build tolerance into the app.
    At the simplest level where you run all traffic to one site and use the second site as a failover/standby site you'll be OK most of the time - all users will go to the same server and their sessions will be intact.
    However, under any failover situation (your primary site is down for some reason), there is going to be some level of session traffic that it going to switch over to the other site. If your site depends on sessions then you're going to need to tolerate this kind of situation - your app will need to be able to fail gracefully if a user comes in with an invalid session cookie.
    Note, though, that this may be less of an issue than you at first think - all DNS clients will cache DNS data for whatever TTL you set. This means that if a user looks up your site name and you return an IP address with a 30 minute TTL, then that user is going to use the same IP address for the next 30 minutes and isn't going to ask the server again. This should negate most chance of a user suddenly switching from one server location to the other in mid-session.
    The trick comes in setting the DNS TTL low enough to effect a failover, yet not so long that you impact performance - e.g. you don't want the user to perform a DNS lookup on every page load. You may find that 10 minutes is appropriate. Just bear in mind that this affects how long a user could see your site 'down' before the failover DNS kicks in. Clearly you don't want to set the DNS TTL to a day since that may prevent the user switching to the secondary site for 24 hours by which time, hopefully, the primary site is back up, anyway.
    The 'right' TTL value may take some analysis on your traffic to see how long a typical user 'session' is. If the average user spends 20 minutes on your site, then it would make sense to set your TTL to somewhere around 20 minutes to give the best chance of their entire session staying on the same server.

  • Load balancing with failover questions

    If we install 2 multi-role Exchange servers in our building and a 3rd multi-role server in our remote data center, what is the best way to load balance them?  Do we need two load balancers or is there some way to span a single load balancer across the
    WAN ?
    What about using Windows NLB as an alternative to using round robin internally?
    Can a load balancer keep our interoffice Exchange CAS traffic from leaving our LAN and only failover to using the 3rd CAS/mailbox sever for internal users if both internal Exchange servers are offline?
    We would also like remote users to "prefer" to use the data center CAS unless it is down. Right now we point our smart host directly to a CAS, but if we had a load balancer there, we could point the smart host to the IP of the load balancer and
    the load balancer could normally send it to data center CAS if it's up and forward it to one of the servers in the office otherwise.
    Is it possible to do all this without a very complicated and expensive solution?

    Depends... what is the connectivity speed between two sites, is it good enough?
    You can use load balance in front of all the 3 CAS if your inter-site connectivity is very good.
    What about using Windows NLB as an alternative to using round robin internally? WNLB and round robin are different. You can use DNS Round Robin if you want to, or WNLB for all three CAS servers. Or a hardware load balancer for all three CAS servers.
    Can a load balancer keep our interoffice Exchange CAS traffic from leaving our LAN and only failover to using the 3rd CAS/mailbox server for internal users if both internal Exchange servers are offline? If you want to use the load balancer then you don't
    need to fail them over one by one -- again you can use DNS Round Robin so the requests will go to each CAS server one by one, or use a hardware load balancer.
    We would also like remote users to "prefer" to use the data center CAS unless it is down. Right now we point our smart host directly to a CAS, but if we had a load balancer there, we could point the smart host to the IP of the load balancer and
    the load balancer could normally send it to data center CAS if it's up and forward it to one of the servers in the office otherwise.
    Use DNS Server and point the A record to the Primary Data center load balanced CAS server instead using IP or host file.
    Hope that helps
    Where Technology Meets Talent

  • ML1000 RPR load balancing and multicast problem

    Hello,
    We have SDH network consisting in a STM16 ring with 7 ONS15454 MSPP nodes, sw version 9.0.1. In each node we have a ML1000-2 card connected in a RPR configuration through VC4-8C(8x155Mbs) circuits.
    My questions:
    Q1 We had expected the ring to balance itself but instead 90% of the traffic is going anti-clockwise which is the direction of the POS-0.
    Q2 We are not able to transmit Multicast packets and we sometimes have problems with udp losses. Could this be due to a bad configuration of the ML-1000? Should we investigate higher in the core switches(6500’s)?
    Thanks

    Manuel,
    I just published a document on load balancing on the ML card.  (ML Load Balancing after 5.doc).
    Check the document section in the Optical Forum.
    Also check the on-line configuration guide.
    http://www.cisco.com/en/US/docs/optical/15000r9_0/ethernet/454/guide/45490a_mlcardovw.html
    As for question #2, you may find some answers on multicast in the load balancing document or configuration guide.  If not, I suggest opening a TAC case so they can verify your ML configuration.
    Hope this Helps,
    Steve Noyes
    CSE Cisco TAC

  • IOS gatekeeper Load Balancing?

    To the experts
    I have 3662 running IOS 12.3T with GK enabled.
    I wonder if I can load balanced outgoing calls via different 02 GKs? (weighted or fair balanced 1-1)
    Call1: MyGK (local zone) --> GK1 (remote zone1)
    Call2: MyGK (local zone) --> GK2 (remote zone1, same zone)
    Call3: MyGk (local zone)--> GK1 (remote zone1)
    ... so on ...
    I think sequential and blast do not help here. Also, GK1 and GK2 are not Cisco based (3rd party GK)
    Question: Is there any way for this scenario? DNS round-robin will help if I declare only one remote zone with DNS and I configure my BIND DNS Server to return multiple IP address to MyGk for load balancing?
    Brgds
    Thai Duy Hoa

    The Cisco High-Performance Gatekeeper feature introduces new gatekeeper functionality and modifications for facilitating carrier class reliability, security, and performance into Cisco's Voice Network solution portfolio. These H.323 standard-based features have carrier grade reliability and performance characteristics with a robust open application protocol interface to enable development of enhanced applications like voice VPNs and wholesale voice solutions.
    The new gatekeeper is characterized by the following:
    - Increased support for back end applications.
    - Increased performance on a single gatekeeper.
    - Alternate gatekeeper support to the gatekeeper. Each alternate gatekeeper, or GK node, shares its local zone information so that the cluster can effectively manage all local zones within the cluster. Each alternate gatekeeper has a unique local zone. Clusters provide a mechanism for distributing call processing seamlessly across a converged IP network infrastructure to support IP telephony, facilitate redundancy, and provide feature transparency and scalability.

  • Load Balancing and Failover in Dual Ethernet

    I have a cisco 2911/K9 router with two 4Mbps Leased line connection from two different ISPs to my remote office. Remote office has cisco 2811 router
    Main office has MPLS connection with static Ip routing apart from the two leased lines
    All handoffs are ethernet
    Is it possible to do load sharing as well as failover between the two ISPs? If so, how am I to achieve that?
    Kindly help me

    Disclaimer
    The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
    Liability Disclaimer
    In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
    Posting
    If your MPLS vendor supports no dynamic routing, then why do you ask about BGP?  Or, do they only support dynamic routing with BGP?
    You can do equal cost multi-path with BGP (may require a hidden command to fully utilize).
    You could do GRE tunnels across the MPLS cloud and dynamically route between them using your choice of a dynamic routing protocol.
    Both your devices should support OER/PfR (may require a feature upgrade).  OER/PfR will actually dynamically load balance.
    SLA features should also be available on both your routers, those too might require a IOS feature upgrade.
    Configuration examples might be found on Cisco's main web site.

  • ASA Vpn load balancing and failover

    Hello all.
    We have two asa5520 configured as primary and standby unit in failover configuration, and all is working properly.
    Is it possible, with this configuration (failover), to configure vpn load balancing/clustering?
    Thanks
    Daniele

    Hi Wajih,
    I am testing this right now. In my case, I want A and B are failover pairs with A as the primary, (A+B) together as one member in cluster with other ASAs C and D. Here is what I found out:
    1, After the active/standby was working, configure the load balancing in the master, the cluster IP worked.
    2, after "no fail ac" in A, cluster IP stopped working. Seems the vpn load balance configuration wasn't copied over to the standby B.
    3, In the active (now it's the secondary B), manually configure vpn load balancing, then the cluster IP worked.
    4, "no fail ac" in the B and make the primary A active, the cluster IP still worked.
    5, after "no fail ac" in A, cluster IP stopped working. show vpn load and found out the load balance was disabled.
    6, "no fail ac" in the B and make the primary A active, the cluster IP then worked.
    Based on above, the secondary B's VPN load balance will be disabled when B becomes active in failover role. If that's true, these two features can't work together. Or maybe there is some configuration I'm missing -- maybe having C or D as the cluster master will help. The ASAs are 5510 with 8.4(2)
    Thanks,
    Rick.
