IOS SLB and probe failure
Hello,
we use server-load-balancing with IOS 12.1(19)E1
We have a problem if the server receives more connections following error messages REAL 192.168.197.8 (HSSAT1-LX) has changed to PROBE_FAILED and few seconds later REAL 192.168.197.8 (HSSAT1-LX) has changed to OPERATIONAL appears and so on.
We checked the server and they works proper.
What could be the reason for probe failed?
My configuration:
ip slb probe HS-PROBE tcp
interval 5
ip slb serverfarm HSSAT1-LX
nat server
predictor leastconns
failaction purge
probe HS-PROBE
real 192.168.197.8 99
reassign 2
inservice
real 192.168.197.9 99
reassign 2
inservice
ip slb vserver HS.SAT1.DE
virtual xxx.xxx.xxx.xxx tcp www
serverfarm HSSAT1-LX
advertise active
inservice standby allvips
How does a TCP probe works? I could not find more exact information in the documents to configure probes.
Is it better to use another probe (icmp)? or without any probe?
When does it make sense to use probes?
Best regards
Stefan
HI Stefan,
tcp probes do a complete TCP 3-way handshake and normaly terminate the session. A problem which I had some times timeout for a session to be established might be to short if the server is "heavy" loaded.
Probing on a specific method (TCP HTTP ...) is most of the times the better solution. Imagine a WEB-Server which is properly pingable but the httpd died due to some internal error. If you would probe on a per ping basis the loadbalancer will never notice this but if you monitor tcp-port 80 by a tcp probe or better a http probe you will notice this and the server would be taken out of the serverfarm. Even better but afaik not possible in IOS SLB is to probe a certain page e.g. index.html. As you know that the httpd is up and running and pages can be displayed.
Regarding the probing issue it might be usefull to read the follwing link describing healthmonitoring with the CSM
http://www.cisco.com/en/US/products/hw/switches/ps708/products_installation_and_configuration_guide_chapter09186a00801c5899.html#1024967
Hope that helped.
Best Regards,
Joerg
Similar Messages
-
Hi, there:
Is that possible I could use IOS SLB and DNS failover automatically?
i.e:
vip 10.1.1.1
vip 10.2.1.1
dns records:
vip1 10.1.1.1 10.2.1.1
normal condition:
vip1 will be 10.1.1.1
when 10.1.1.1 failed it will give 10.2.1.1
Is that something it could be done on IOS SLB, or other devices?
real services are udp based.gtp service
Thanks,Yes, IOS server load balancing and the DNS failover can be done automatically. Is this not working currently? Can you posts the configuration so that we can check where the problem is.
-
Hi,
I'm trying to configure a DNS probe using IOS SLB, but it's not working.
I followed the manual on how to configure a DNS probe, but it just doesn't make any sense.
When using DNS probes on an ACE, you give a hostname which the DNS server should resolve to a configured IP Address.and configure an ip address, which makes sense.
On the IOS SLB, it is not the case. Two variables can be configured:
Router(config-slb-probe)# address ip-address]
(Optional) Configures an IP address to which to send the Domain Name System (DNS) probe.
Router(config-slb-probe)# lookup [ip-address]
(Optional) Configures an IP address of a real server that a Domain Name System (DNS) server should supply in response to a domain name resolve request.
What am I missing. Could someone please clearify??
Tnx!To verify that a probe is configured correctly, use the show ip slb probe command:
Router# show ip slb probe
It may help you in troubleshooting purpose
For the further description for configuration for the DNS Probe following guide may help you
http://www.cisco.com/en/US/docs/ios/12_2/12_2z/12_2za/feature/guide/slbza5.html#wp2434837 -
Hi, this may be a silly question but is there any problem with configuring IOS SLB on a 6509 which also has a FWSM module in it and the Servers being load balanced are behind the FWSM?
The only thing to consider is that by FWSM, you most likely will be running multiple VRFs on the switch and IOS-SLB has some limitations regarding VRF.
IOS-SLB probes are sent to the global routing table (VRF default) and you will need to 'no advertise' and add static routes to null0 to the VRF for the virtual IPs.
Other than that, IOS-SLB works fine with the FWSM and VRF... -
Hi, I have a simple SLB setup with two servers running in directed mode and two 6509's running IOS SLB to balance between the two. The two servers are web servers and require authentication when hit so I am just testing using a http probe and searching for the 401 code. Is there any gotcha's with configuring the credentials on the 6509 to log onto the webpage? Cheers, Brian
Can you post the following:
1. debug ip slb probe
2. debug ip slb probe conn
3. debug rtr error
4. debug rtr trace -
I've tried to run MRTG against IOS SLB to get stats on the VIPs, but can't get it to work.
Anyone else had any luck with this ?
Anyone monitoring individual VIPs or serverfarms some other way?
SimonYou could try using SNMP to poll the SLB instead. I also found that MRTG doesn't work too well with SLB.
You could use MIBs to monitor VIP processor load and memory usage.
This is the link to the MIB that will enable you to poll SLB through SNMP:
ftp://ftp.cisco.com/pub/mibs/v2/CISCO-SLB-MIB.my -
IOS SLB and Stateless failover
Trying to compare CSM and IOS SLB features. Read where the CSM can have "stateful" failover (maintains sessions) in a box-to-box scenerio. I also read where the IOS SLB can only provide "stateless" failover (I assume during failover, state/connection information is lost) using HSRP.
Can anyone confirm what I have written?
Your help is much appreciated.That is correct.
The CSM can maintain state on connections on a failover using the "replicate csrp" command. This command is not available on IOS SLB.
The following are links to the CSM commands and IOS SLB commands for your reference...
CSM Config guide, release notes and commands:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/cfgnotes/csm_3_1/index.htm
IOS SLB commands: http://www.cisco.com/en/US/customer/products/sw/iosswrel/ps1835/products_command_summary_chapter09186a008008805e.html
IOS SLB config guide:
http://www.cisco.com/en/US/customer/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca75d.html
hope that helps
-Steve -
IOS SLB and IBM Workload Manager
Does anyone know if IOS SLB can function similar to Multinode Load Balancing (MNLB) in that the IOS router acts as a Services Manager which contacts the OS390 Worload Manager (WLM) who then reports back the best OS390 server for a particular connection.
Under MNLB, the Local Director performs the task as the Services Manager, but can a IOS SLB router perform this task?
Thank you for your help.Steve, thank you for the reply. I have a large-scale OS390 WLM request as I'm told that this is the method for providing server load-balancing in a sysplex environment. I wonder why it is not supported in version 4.X. Do you happen to know the long term goal for OS390 load balancing support?
I appreciate your help, Thank you -
Hi,
trying to figure out a possible solution for a 6500 and got a bit confused. According to my knowledge, IOS SLB is working either in L2 (MAC) or L3/4 (NAT), to ensure load balancing. CSM comes in the game, but offers much more, extending to L4/7. Are the two solutions substitude or complementary? Is it true that only with an CSM can you get HTTP probes to check your load balanced server farm? What other differences do you know about these two solutions?
In the paper http://www.cisco.com/en/US/partner/products/hw/modules/ps2706/products_configuration_example09186a0080094066.shtml
it is stated that "To run Cisco IOS SLB software, you must configure the mode using the show ip slb mode [csm | rp] command before any configuration. In the show ip slb mode command, the rp argument is default. You can only configure csm argument if you have the Content Switching Module (CSM)."
While in
http://www.cisco.com/en/US/partner/products/hw/modules/ps2706/products_configuration_example09186a008009452d.shtml
cisco states that "You cannot run Cisco IOS® SLB software on the same switch as the CSM."
Any ideas on that?
Thanks in advancethere are 2 ways to configure the csm.
You can use the same ios slb command and just tell the switch that there is a csm with the command 'ip slb mode'.
Or you can use the 'module contentswitching ' command.
If you use the first method, you can't use both a CSM and ios slb on the same switch.
If you use the second method, it is ok to have both ios slb and csm.
IOS SLB offers L4-7 loadbalancing solution.
Just be aware that as soon as you do L7 or do some nating, you poor performance with ios slb compare to a CSM.
One advantage of ios slb is the capacity to do radius loadbalancing [inspecting radius packet to identify framed ip, ...]
This is why in CMX solution we combine both ios slb and csm.
IOS SLB is used to loadbalance radius and the CSM is used to loadbalance the rest of the traffic.
Personally, I would say if you just need some vpn or firewall loadbalancing, ios slb is enough.
If you need HTTP or any other traffic wthe CSM is a better choice.
Regards,
Gilles. -
I can't see this from the documentation, but as far as I can see the configuration commands on the switch are the same for IOS SLB and for the CSM. Does this mean that if you have an CSM which fails, the subset of functions supported by IOS SLB will be ?
I realise performance would be less and only 500 VIPs would be supported etc.
Thanks
SimonSimon,
I do not think this is the case. If you look closely at the configuration you will see the command ip slb mode csm. This causes all SLB functions to be offloaded to the CSM. The default is ip slb mode rp which is IOS based. If the CSM fails then SLB will stop working. You will need to enter the command ip slb mode rp for it to work again.
If you are running version 2.1 or above it is recommended you run ip slb mode rp and use the configuration command
module ContentSwitchingModule X where X is the module number
and the slb commands under this.
Cheers
Phil
Cheers
Phil -
I have recently been researching the IOS SLB features but have had a hard time finding the list of products that support IOS SLB and which feature sets it is available in. Does anyone have the CCO link where this is all located? Thanks!!
-jasonThis feature can be run on the 7100 & 7200 series routers and on the Catlyst 6000 series switches equipped with a Superviser 1 or 2 routing blade.
It will also run on 4840g switches which are currently end-of-sale.
You'll have to use the feature navigator to make sure which software image you need for which platform.
Cheers,
Perry. -
Hi Guys,
can anyone confirm or point out errors in this config that I wish to pop on our 6509. We don't have a test environment, so I need to get as much feedback as I can on this.
Thanks in advance,
James
no natpool WSB_RADIUS 10.176.57.115 10.176.57.115 netmask 255.255.255.128
no serverfarm WSB_RADIUS
no serverfarm WSB_RADIUS_NAT
no policy WSB_RADIUS_NAT
no vserver WSB_RADIUS
no probe WSB_RADIUS_AUTH udp
ip slb serverfarm WSB_RADIUS
nat server
real 10.176.57.38
faildetect numconns 8 numclients 1
inservice
real 10.176.57.39
faildetect numconns 8 numclients 1
inservice
real 10.176.57.40
faildetect numconns 8 numclients 1
inservice
real 10.176.57.41
faildetect numconns 8 numclients 1
inservice
ip slb vserver WSB_RADIUS
virtual 10.176.57.115 udp 1813 service radius
serverfarm WSB_RADIUS
idle radius request 2
inservice standby WSB
interface Vlan130
standby 130 name WSBIOS SLB provides RADIUS load-balancing capabilities for RADIUS servers. In addition, IOS SLB can load-balance devices that proxy the RADIUS Authorization and Accounting flows in both traditional and mobile wireless networks, if desired. IOS SLB does this by correlating data flows to the same proxy that processed the RADIUS for that subscriber flow.
http://www.cisco.com/en/US/products/sw/iosswrel/ps1833/products_feature_guide09186a00802081ce.html#wp2889077 -
Hi
I have configured IOS SLB vserver and serverfarm. There is a list of allowed clients.
But from two clients (with IP 10.171.4.*) there is Reset of connections. Other clients works OK.
ip slb serverfarm SF1
probe SF8888
real 10.91.14.90
weight 1
faildetect numconns 4
retry 20
inservice
real 10.91.14.91
weight 1
faildetect numconns 4
retry 20
inservice
ip slb vserver VS1
virtual 10.91.14.19 tcp 8888
serverfarm SF1
idle 120
delay 5
client 10.91.14.32 255.255.255.255
client 10.91.14.38 255.255.255.255
client 10.91.14.41 255.255.255.255
client 10.91.15.30 255.255.255.255
client 10.91.15.31 255.255.255.255
client 10.171.4.64 255.255.255.255
client 10.171.4.65 255.255.255.255
inservice standby WA-SLB-1
PeterHowdy,
You might want to post this in the application networking area :-)
Cheers
Andrew -
Hi,
1. It is true that ip slb probe http is not working on 6509 without CSM card?
2. Did someone had tested how many IOS SLB client connections can support a 6509 with SUP1A /MSFC2 without CSM card?
Thanks,
YutiThe Cisco CSM accommodates a wide range of common IP protocols?including TCP and User Datagram Protocol (UDP). Additionally, the Cisco CSM supports higher-level protocols, including HTTP, FTP, Telnet, Real Time Streaming Protocol (RTSP), Domain Name System (DNS), and Simple Mail Transfer Protocol (SMTP).
The Cisco CSM allows full regular expression pattern matching for policies based on URLs, cookies, and HTTP header fields. The Cisco CSM supports any URL or cookie format?allowing it to load balance existing Web content without requiring URL or cookie format changes. -
How do I fix my iPod I updated it to iOS 6 and now iTunes and the App Store will not work?, How do I fix my iPod I updated it to iOS 6 and now iTunes and the App Store will not work?
App Store Failure / Updates White Screen
Tap Settings > General > Date and Time > Set Automatically > Off. Set the date one year ahead. Then try to access the App Store.
It may be a connection issue. Try changing your DNS settings to Google’s open DNS by tapping Settings > Wi-Fi >, tap the blue arrow next to your current Wi-Fi network, and then tap the “DNS” field and enter the DNS servers; 8.8.8.8 (Google’s Public DNS, 8.8.4.4 also alternate).
Maybe you are looking for
-
Calling transaction OAOH in webdynpro abap
Hi, I am trying to call the transaction OAOH for uploading a document for archival. But the popup for document upload works only in SAP GUI. Can anyone help?
-
SC order to create commitment in CJ30 / CJI5
Hello SRM Guru's, Extended Clasic Scenario Business Process: SC is ordered with budget avalibility control active in ECC is created with a WBS element having budget assigned to it , this SC will go for approval>>> PO will be created in EBP, will go f
-
ADF Faces: how to extend one of the faces components
Hi all, I am thinking of extending the built-in ADF Faces CommandMenuItem component (to work around a bug that was filed). The only thing that I think I need to do is to add an additional property - I don't believe that I will need to add any additio
-
What the **** is wrong with this stupid machine???????
**** my ipod just broke down for the 2nd time and it's really starting to be annoying.. it won't reset, won't charge the battery, it just shows a sad face. i was looking for an email adress to contact somebody but it's all by phone and i refuse to pa
-
I want to buy an ipad mini Wifi Cellular and use it in Central Asia,so there are two models: A1454 and A1455,what is the difference?