Load balancing, failover and fallback in Non-Clustered WebLogic environment
hi,
Has anyone implemented WebLogic 10.3.3 (or 10.3.4) in a Non-Clustered environment, but also got load balancing, failover and fallback work?
We were successful in getting failover working using t3://server1:7001,server2:7002 provider URL, but not load balancing or fallback.
The fallback is working when it was connecting to server2 and if we kill server2, then it switches to server1, but not when server2 is still running while server1 comes back.
All we need to find a way to enforce fallback to primary site, even if secondary which the client connected is still up and running and primary site comes back.
Any help appreciated.
Thanks.
Best regards,
Bala
hi,
Has anyone implemented WebLogic 10.3.3 (or 10.3.4) in a Non-Clustered environment, but also got load balancing, failover and fallback work?
We were successful in getting failover working using t3://server1:7001,server2:7002 provider URL, but not load balancing or fallback.
The fallback is working when it was connecting to server2 and if we kill server2, then it switches to server1, but not when server2 is still running while server1 comes back.
All we need to find a way to enforce fallback to primary site, even if secondary which the client connected is still up and running and primary site comes back.
Any help appreciated.
Thanks.
Best regards,
Bala
Similar Messages
-
Connection string in listener log file for loading balance/failover
Hi Experts,
I have 4 node RAC for oracle 10g2 in rad hate 5.0
We creaed service dbsale ( sale1,2 as pr imary and sale3/4 as available) with loading balance/failover.
The remote user created a local TNS as
localmarket =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = 155.206.xxx.xx)(PORT = 1521))
(LOAD_BALANCE = OFF)
(CONNECT_DATA = (SERVICE_NAME = dbsale))
From server side, I saw that user send two request connection string. one fail and another is OK.
It seems that fail connecting come from failover/loading balance from dbsale3?
Why do we get two connection string in listener log file?
Which difference is between two connection string?
Where does system change these connection string?
Thanks for your explaining.
Jim
==============listener.log message
[oracle@sale log]$ cat listener_sale.log|grep pmason
15-SEP-2009 13:52:24 * (CONNECT_DATA=(SERVICE_NAME=dbsale)(CID=(PROGRAM=oracle)(HOST=rock)(USER=test ))) * (ADDRESS=(PROTOCOL=tcp)(HOST=161.55.xxx.xx)(PORT=54326)) * establish * dbsale * 0
15-SEP-2009 13:52:25 * (CONNECT_DATA=(SERVICE_NAME=dbsale)(CID=(PROGRAM=oracle)(HOST=rock)(USER=test ))(SERVER=dedicated)(INSTANCE_NAME=sale3)) * (ADDRESS=(PROTOCOL=tcp)(HOST=161.55.xxx.xx)(PORT=54327)) * establish * dbsale * 12520
15-SEP-2009 13:52:30 * (CONNECT_DATA=(SERVICE_NAME=dbsale)(CID=(PROGRAM=oracle)(HOST=rock)(USER=test ))) * (ADDRESS=(PROTOCOL=tcp)(HOST=161.55.xxx.xx)(PORT=54329)) * establish * dbsale* 0
15-SEP-2009 13:52:47 * (CONNECT_DATA=(SERVICE_NAME=dbsale)(CID=(PROGRAM=oracle)(HOST=rock)(USER=test ))) * (ADDRESS=(PROTOCOL=tcp)(HOST=161.55.xxx.xx)(PORT=54332)) * establish * dbsale * 0
15-SEP-2009 13:52:47 * (CONNECT_DATA=(SERVICE_NAME=dbsale)(CID=(PROGRAM=oracle)(HOST=rock)(USER=test ))(SERVER=dedicated)(INSTANCE_NAME=sale3)) * (ADDRESS=(PROTOCOL=tcp)(HOST=161.55.xxx.xx)(PORT=54333)) * establish dbsale 12520
15-SEP-2009 13:52:49 * (CONNECT_DATA=(SERVICE_NAME=dbsale)(CID=(PROGRAM=oracle)(HOST=rock)(USER=test ))) * (ADDRESS=(PROTOCOL=tcp)(HOST=161.55.xxx.xx)(PORT=54334)) * establish * dbsale * 0
Edited by: user589812 on Sep 16, 2009 7:21 AMHi Jim,
I think the best way on this case is create one service with one instance as primary and another 3 as available.
Or use the connect string with two vip addresses, cause the service has two instances and the tnsnames.ora entry has only one.
Cheers,
Rodrigo Mufalani
http://mufalani.blogspot.com -
LOAD BALANCE (CSS) and Portal Port Number based on Instance Number
Hi,
My doubt is about LOAD BALANCE (CSS) and Portal Port Number based on Instance Number.
I have to install 3 servers machines and 2 servers databases cluster. There will be a HIGH AVAILABILITY environment. There will be a MIGRATION and UPGRADE.
Today there are 2 servers machines in Windows NLB. Today my production Portal is 6 6.20.
Once, I did something for LABORATORY TEST. Migration (6 6.40) and Upgrade (7.0)in two other machines. But they were with Windows NLB. When I did the installation, for each server machine and during the instalation I had to give one Instance Number for each and in result there was a different Port Number for each.
But I accessed both machines throught a virtual url(dns) with a specific port number. And it works!
NOW, with a HARDWARE LOAD BALANCE _ CSS I don't know how to do.
A guy who works with it tell us that couldn't redirect one Port Number for different port numbers. He couldn't configure the CSS like this.
My question is: Is he write? And if he is, there is a way to give the same instance number for my 3 new Portal servers machines? Example: 5(02)00.
Could you understand?
I need help.
Regards,
cheers,
NiviaNivia,
I have used F5 for load balancing, I am sure you can do the same with CSS. Yes, you can configure a virtual IP on the load balancer with standard ports (80 or 443) and load balancing the traffic to multiple servers with different ports. You can have different ports for each instance.
-Regards
RK -
How a clustered weblogic environment handles orders balanced-wise??
Hi,
In a 2 managed clustered weblogic environment with OSM 7.0.3 and an external load balancer to balance the incoming traffic it is noticed from the managed servers that whichever server is scanning for orders and that is understood by the server's logs:
####<Oct 16, 2012 2:54:33 PM EEST> <Info> <oms> <> <osm_ms01> <Timer-9> <oms-internal> <> <fab6ae59fd53672b:704b5627:13a64686216:-8000-0000000000000010> <1350388473505> <BEA-000000> <cluster.ClusteredHandlerFactory: Querying for high activity orders across the cluster>
is the server that will serve a new order.
Is there a way to achieve a perfect load balance? In a test case of 200 orders all orders where processes by one node and it is the one that scans for new orders.
We configured the external load balancer to split the traffic..But nothing!! Is there an internal mechanism that gathers all orders that are send to multiple servers and executes them in the server that is currently scanning for orders ???
Is there in any manual or Oracle Support Document/note on how is decided in a multiple-clustered environment which server will execute orders???
Thx in advance!Hi Alexandros,
Here's some general information on load balancing:
1. With OSM order affinity, the managed server instance that receives the order (precisely, creates the OSM order) has sole ownership of the order. Other than specific circumstances, the ownership is not transferred, and thus processing of that order stays with that instance till completion.
2. The OSM web service (createOrder API) has no load balancing mechanism internally if HTTP is used as the transport. So if you only send orders to one managed server, that instance will create and thus own all these orders. In contrast, if you use JMS as the transport, it is load-balanced by the JMS distributed destination (provided you are not sending instead to member queues of the distribution destination).
Now, assuming you are using HTTP, you need to ensure that the Load Balancer is really round-robining on the 2 managed servers among HTTP messages of order submissions. Monitor your TCP pipes to verify.
A problem we've seen, is if you are using SoapUI with pre-emptive authentication disabled, the SOAP request without pre-emptive authentication will be rejected, causing a re-send. Because of LB, all orders ended up in one managed server, as the reject-then-accept SOAP message sequence becomes cyclic with odd-even round-robin. So, enable pre-emptive authentication to avoid that.
Btw, is your cartridge handling high-activity orders? If not, I have a suspicion that your pasted log message may be a red-herring.
Cheers,
Daniel Ho
OSM Product Management -
Hardware clustering/load balancing/failover with Tomcat
Hello forum!
I recently bought a Cisco 1801, and it sure is capable! Anyhow, I've got a hobby website that is getting a fair bit of traffic - approaching too much for one node to handle and it's time to start thinking about distributing the load.
I'd like to do a little clustering of server nodes running Apache Geronimo, which is J2EE running atop Apache Tomcat. For the sake of keeping things generic, let's just call it Tomcat because it configures the same way.
I do not run Apache HTTP Server as a proxy, I only run Tomcat directly connected to the internet. I do this for performance reasons.
Anyhow, I'm wondering if any of you evil geniuses could suggest a way that I could cluster Tomcat nodes directly using the router to serve as a hardware load balancer and have the whole sticky session thing with failover, etc... All of the documents I find on the subject discuss clustering by way of Apache HTTP with Mod_JK.
I have already asked this question on the hardware side, and got great information about the capable load balancing features my router sports (but limited compared to Cisco CSS products.)
Now I'm wondering if anyone has experience taking an open source application server like Geronimo or Tomcat or JBoss and clustering it using hardware load balancing. What kinds of Tomcat configurations, if any, do I need to add for things like sticky sessions and failover? Or, is all that automatic?
Thanks so much for reading and for any replies. If there is a better forum for my question, please direct me there.
Cheers,
Dave Woldrich
http://CardMeeting.comThis occurs rarely when the Tomcat process is not able to connect to the database. The database connection problem is an internal cause which manifests externally as missing fields in reports.
Workaround: Restart the Apache process and the Tomcat process. From the CLI on your CiscoWorks Server, enter the following commands in the specified sequence:
1. pdterm Apache
2. pdterm Tomcat
3. pdexec Tomcat
4. pdexec Apache -
Hardware Load Balancing Configuration and Session Clustering
I would like to know where I can find any information on Hardware Load Balancing
Configuration in order to leverage WLS HTTPSession clustering.
Don Ferguson mentioned white papers on this subject however I can't seem to locate
them.
I am particularly interested in Cisco's 11000 Content Service Switch.
Thanks.
Mike Jones
Scroll to the bottom of this link. It discusses how to configure Alteon and Big-IP.
The principles should apply to Cisco as well, but we don't have documentation on
configuring it, as far as I know.
http://e-docs.bea.com/wls/docs61/cluster/index.html
-Don
Michael Jones wrote:
> I would like to know where I can find any information on Hardware Load Balancing
> Configuration in order to leverage WLS HTTPSession clustering.
> Don Ferguson mentioned white papers on this subject however I can't seem to locate
> them.
> I am particularly interested in Cisco's 11000 Content Service Switch.
>
> Thanks.
>
> Mike Jones
-
Load Balancing, Server and / or Client ?
Hi
I am experiencing a problem with the connection pooling in odp.net. I have a simple test app that creates a connection, executes a query, populates an object then closes the connection. I have found that when I have client side load balancing on via the odp.net connection string property many connections are made unnecessary (sometime the actual number created reaches the max pool size but the numbers differ randomly). It appears that rather than a free connection in the pool being used more connections are being created which defeats the point of having a connection pool. I do have server side load balancing configured correctly also. Due to this finding can someone possibly answer the following questions.
a) Do I need both server side and client side load balancing set?
b) If I do why is the above behaviour being seen? If not could you give me a short explanation as to why not?
Current set up is 11g (patched to 6, awaiting 7 to be applied) RAC, 2 nodes.
Below is the C# code used while testing this. The table queried is a simple person table containing 16000 rows if data.
OcConnection = "User Id=XXX; Password=XXX; Connection Lifetime = 60; Data Source=(DESCRIPTION=(ADDRESS_LIST=(FAILOVER=on)(LOAD_BALANCE=off)(ADDRESS=(PROTOCOL=tcp)(HOST=XXX)(PORT=1521))(ADDRESS=(PROTOCOL=tcp)(HOST=XXX)(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME=MyFirstTest))); Pooling=true; HA Events = true; Load Balancing = true";
Code:-
Oracle.DataAccess.Client.OracleConnection con;
con = new Oracle.DataAccess.Client.OracleConnection();
con.ConnectionString =OcConnection;
con.Open();
// the command object to use for this test
OracleCommand cmd = con.CreateCommand();
cmd.CommandText = "select * from PERSON";
OracleDataReader rdr = cmd.ExecuteReader();
List<test> listTest = new List<test>();
while (rdr.Read())
test dc = new test();
if (!rdr.IsDBNull(0))
dc.id = Convert.ToInt32(rdr.GetValue(0));
if (!rdr.IsDBNull(1))
dc.forename = rdr.GetString(1);
if (!rdr.IsDBNull(2))
dc.surname = rdr.GetString(2);
if (!rdr.IsDBNull(3))
dc.street = rdr.GetString(3);
if (!rdr.IsDBNull(4))
dc.city = rdr.GetString(4);
if (!rdr.IsDBNull(5))
dc.postcode = rdr.GetString(5);
if (!rdr.IsDBNull(6))
dc.country = rdr.GetString(6);
if (!rdr.IsDBNull(7))
dc.email = rdr.GetString(7);
if (!rdr.IsDBNull(8))
dc.dateadded = rdr.GetDateTime(8);
if (!rdr.IsDBNull(9))
dc.randWords = rdr.GetString(9);
if (!rdr.IsDBNull(10))
dc.uniqueNumber = Convert.ToInt32(rdr.GetValue(10));
listTest.Add(dc);
rdr.Close();
con.Close();
rdr.Dispose();
cmd.Dispose();
con.Dispose();
Thanks for your time
VictoriaHere are the HTTP Headers as monitored on the client side. Notice the good.txt file includes a GET as it's initial request. All works fine in this case. However, the initial request in the bad.txt is a POST. This is odd since the URL was opened using the same shortcut in both incidents and the browser was closed between each trace that was taken. I've also reviewed the shortcut with notepad to verify it does not include unwanted data such as the JSESSIONID info....etc.
Once you have reviewed the HTTP headers, I have these questions.
1. IIS is sending the 100 Continue messages as you mention, but why is the CSS injecting the cookie in a 100 response that is not typically processed by the client? The bad.txt file shows the client receiving two ARPT cookies because the first cookie in the 100 continue response was ignored.
2. I know Cisco is not really in the business of troubleshooting browser behaviour. But do you know why the browser would behave differently....GET in one request and a POST in the next? We do not wish to get into modifying the browser, so I'm hoping we can provide a solution on the server side that will allow the browser to function this way if it chooses to do so. Do you think it would make sence to push the state management up a level to the cookie handed out by JRUN? This way, the cookie would not be handed back in a 100 response from IIS, and we could tell the CSS to monitor the JRUN cookie. Of course this would require we determine how to manage this cookie either by modifying to cookie to have static data for each server, or by using the right method of hashing...etc.
Chris -
Load balancing Internet and Site to Site VPN's across Multiple ISP.
Hi Everyone,
We are currently connected to a single ISP with different Internet related services like mail, web, dns and IPSEC site to site VPN's running. We would be adding another ISP and do load balancing across these multiple links. We are using Cisco ASA firewall.
Can anyone suggest a load balancer which can not only provide load balancing of the links but failover as well for mail,web and IPSEC Site to Site VPN's. I came across Peplink that can achieve this but I guess I will have to decommision our ASA in order to install Peplink.
Check attached diagram, this will be our proposed design.
RegardsHi Sundeep,
The simplest solution would be to put an IOS router (or two with HSRP) between the ASA and the ISPs and do policy-based routing for your flows between the 2 ISPs. Otherwise, any load balancer should work fine with the ASA. If failover of the load balancer is a requirement, you'll need to look at product specific documentation for whichever solution you choose.
-Mike -
Load Balancing, Tomcat, and SharePoint
I'm a new BusinessObjects customer and am working on getting all of the hardware in place for a new install. The initial plan is to have two BOE servers, and two tomcat virtual servers, with a hardware based load balancer (F5 BIG-IP Switch: Local Traffic Manager 1600 4GB, possibly) in front of the tomcat servers to handle the load balancing.
But, I'm starting to think that it would be a good idea for us to integrate directly in to our SharePoint portal using the SAP SharePoint Integration option.
So, here's my question. If we do that, then our users will get to their BusinessObjects information via SharePoint. So, SharePoint and IIS will be the web server. Will we still have a need for the Tomcat servers? Will SharePoint point to the load balancer, then to Tomcat, and finally to the BOE server, or will it go right to the BOE server, thus negating the need for the tomcat servers altogether, and also even negating the need for the load balancer? If so, can the BOE app servers themselves still be load balanced?
Hopefully this all makes sense - like I said, we're a new customer, so I don't fully understand all of what the servers are doing. I've spent several days searching the forums & the web & reading documentation and haven't come up with an answer yet, so I'm reaching out to you all & hoping somebody can clear it up for me. Thanks!!Thank you for your input, Denis, this does help explain things. Also, thanks for pointing me to that Windows Patterns document. I hadn't seen that one - since we're starting out on 4.0, I've only been looking at documents under the 4.0 folders...
It sounds like we may want to utilize this same load balancer to balance the SharePoint traffic as well, while we're at it. Right now our SharePoint server is clustered using Microsoft Clustering, but not load balanced in any way. Or maybe we just post a link from within SharePoint to the regular old BI LaunchPad and call it a day!
So, if I understand correctly, if we utilize SharePoint, any traffic/processing that the Tomcat server would have handled would now be handled by the SharePoint server, which could potentially be significant. The actual processing of the reports, though, will still get handled by the BOE Cluster, which takes care of its own load balancing, so we'll be fine. Really the only thing the hardware load balancer does is allow the presentation layer to be load balanced - the layers beyond that get load balanced automatically via CMS. Is that all somewhat valid? In the patterns doc, there's Application Servers separate from the BOE Servers. We were just going to have two BOE servers and two Web servers. Where do the application servers fall in, and are they load balanced using the hardware piece?
If we were just concerned about High Availability, it seems like maybe we could more easily use Windows Clustering on those Tomcat servers, and avoid the hardware component altogether. Do the Web servers really get hammered that hard that we need them load balanced? It seems like the BOE servers are the ones doing the heavy resource intensive tasks and we get them load balanced without the hardware anyway, so maybe load balancing the web servers is overkill..... I'm sure a lot of this is tough to answer, I'm just trying to get a feel for it. I want us to have our best performance & be somewhat future-proofed, but don't want to buy things that I don't need to! We're probably looking at a small, 10-20 concurrent user setup for starters, and out to say 200 concurrent max once it's fully rolled out...
Thanks again!! -
Cisco 1921 Dual ADSL Load Balancing/Failover?
Hello,
We have purchased a Cisco 1921 with twin ADSL after advice from a Cisco sales rep. However I am having trouble working out the load balancing/fail over config for the device.
I would like traffic to balance over both ADSL lines and if one goes down not to interrupt connectivity.
I had a look at ppp multilink but I am unsure our ISP (BT) support this?
This is my current config which I think only one ADSL line is being used. Some input would be appreciated
Robbie
! Last configuration change at 13:18:34 UTC Tue Mar 29 2011
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname xxxxxx
boot-start-marker
boot-end-marker
no logging buffered
enable secret 5 xxxxx
enable password xxxx
no aaa new-model
no ipv6 cef
ip source-route
ip cef
ip name-server 194.74.65.68
ip name-server 194.72.0.114
multilink bundle-name authenticated
crypto pki trustpoint TP-self-signed-xxxxxx
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-xxxxx0
revocation-check none
rsakeypair TP-self-signed-xxxxx!
crypto pki certificate chain TP-self-signed-xxxxxx
certificate self-signed 02 nvram:IOS-Self-Sig#4.cer
license udi pid CISCO1921/K9 xxxxx
username admin privilege 15 secret 5 xxxxxxxxxx/
interface GigabitEthernet0/0
description lan$ETH-LAN$
ip address 10.0.8.1 255.255.248.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
interface ATM0/0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no atm ilmi-keepalive
dsl operating-mode adsl2
interface ATM0/0/0.1 point-to-point
description $ES_WAN$$FW_OUTSIDE$
ip flow ingress
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
interface ATM0/1/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no atm ilmi-keepalive
dsl operating-mode adsl2
interface ATM0/1/0.1 point-to-point
description $ES_WAN$$FW_OUTSIDE$
ip flow ingress
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
interface Dialer0
mtu 1483
ip address negotiated
ip access-group spalding in
ip access-group spalding out
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap callin
ppp chap hostname xxxxx
ppp chap password 0 xxxxx
ppp multilink
ppp multilink links minimum 2
ppp multilink fragment disable
ppp timeout multilink link add 2
no cdp enable
interface Dialer1
mtu 1483
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap callin
ppp chap hostname xxxxx
ppp chap password 0 xxxxx
ppp link reorders
ppp multilink
ppp multilink links minimum 2
ppp multilink fragment disable
ppp timeout multilink link add 2
no cdp enable
ip forward-protocol nd
no ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 10.0.15.201 3389 interface Dialer0 3389
ip nat outside source static tcp 195.194.75.218 3389 10.0.15.200 3389 extendable
ip route 0.0.0.0 0.0.0.0 Dialer0
access-list 1 remark INSIDE_IF=GigabitEthernet0/0
access-list 1 permit 10.0.0.0 0.254.255.255
dialer-list 1 protocol ip permit
control-plane
line con 0
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
line vty 5 15
privilege level 15
login local
transport input telnet ssh
scheduler allocate 20000 1000
endHi,
Can anyone help me with this config? not very reliable.
Building configuration...
Current configuration : 17349 bytes
! Last configuration change at 06:08:06 UTC Sun Apr 5 2015 by Shawn
version 15.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
hostname Router
boot-start-marker
boot system flash0:c2900-universalk9-mz.SPA.154-3.M2.bin
boot-end-marker
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200
logging console critical
enable secret 5 $1$sNeA$GB6.SMrcsxPf51tK2Eo9Z.
aaa new-model
aaa authentication login local_authen local
aaa authorization exec local_author local
aaa session-id common
no ip source-route
ip port-map user-protocol--8 port udp 3392
ip port-map user-protocol--9 port tcp 3397
ip port-map user-protocol--2 port udp 3391
ip port-map user-protocol--3 port tcp 14000
ip port-map user-protocol--1 port tcp 3391
ip port-map user-protocol--6 port udp 3394
ip port-map user-protocol--7 port tcp 3392
ip port-map user-protocol--4 port udp 14100
ip port-map user-protocol--5 port tcp 3394
ip port-map user-protocol--10 port udp 3397
ip dhcp excluded-address 192.168.1.1 192.168.1.49
ip dhcp excluded-address 192.168.10.1 192.168.10.49
ip dhcp pool DHCP_POOL1
import all
network 192.168.1.0 255.255.255.0
dns-server 139.130.4.4 203.50.2.71
default-router 192.168.1.1
lease infinite
ip dhcp pool ccp-pool1
import all
network 192.168.10.0 255.255.255.0
dns-server 139.130.4.4 203.50.2.71
default-router 192.168.10.1
lease infinite
no ip bootp server
ip host SHAWN-PC 192.168.1.10
ip host DIAG 192.168.1.5
ip host MSERV 192.168.1.13
ip name-server 139.130.4.4
ip name-server 203.50.2.71
ip cef
ip cef load-sharing algorithm include-ports source destination
no ipv6 cef
multilink bundle-name authenticated
cts logging verbose
crypto pki trustpoint TP-self-signed-1982477479
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1982477479
revocation-check none
rsakeypair TP-self-signed-1982477479
license udi pid
license boot module c2900 technology-package securityk9
license boot module c2900 technology-package datak9
redundancy
controller VDSL 0/0/0
operating mode adsl2+
controller VDSL 0/1/0
operating mode adsl2+
no cdp run
track timer interface 5
track 1 interface Dialer0 ip routing
delay down 15 up 10
track 2 interface Dialer1 ip routing
delay down 15 up 10
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
class-map type inspect match-all sdm-nat-user-protocol--7-1
match access-group 104
match protocol user-protocol--7
match access-group 102
class-map type inspect match-all sdm-nat-user-protocol--4-2
match access-group 101
match protocol user-protocol--4
class-map type inspect match-all sdm-nat-user-protocol--6-1
match access-group 103
match protocol user-protocol--6
class-map type inspect match-all sdm-nat-user-protocol--5-1
match access-group 103
match protocol user-protocol--5
class-map type inspect match-all sdm-nat-user-protocol--4-1
match access-group 102
match protocol user-protocol--4
class-map type inspect match-all sdm-nat-user-protocol--7-2
match access-group 101
match protocol user-protocol--7
class-map type inspect match-all sdm-nat-user-protocol--3-1
match access-group 102
match protocol user-protocol--3
class-map type inspect match-all sdm-nat-user-protocol--2-1
match access-group 101
match protocol user-protocol--2
class-map type inspect match-all sdm-nat-user-protocol--1-2
match access-group 102
match protocol user-protocol--1
class-map type inspect match-all sdm-nat-user-protocol--1-1
match access-group 101
match protocol user-protocol--1
class-map type inspect match-all sdm-nat-user-protocol--2-2
match access-group 102
match protocol user-protocol--2
class-map type inspect match-all sdm-nat-user-protocol--3-2
match access-group 101
match protocol user-protocol--3
class-map type inspect match-all sdm-nat-user-protocol--8-2
match access-group 101
match protocol user-protocol--8
class-map type inspect match-all sdm-nat-user-protocol--9-2
match access-group 104
match protocol user-protocol--9
class-map type inspect match-any ccp-skinny-inspect
match protocol skinny
class-map type inspect match-all sdm-nat-user-protocol--9-1
match access-group 101
match protocol user-protocol--9
match access-group 104
class-map type inspect match-all sdm-nat-user-protocol--8-1
match access-group 104
match protocol user-protocol--8
match access-group 102
class-map type inspect match-any ccp-h323nxg-inspect
match protocol h323-nxg
class-map type inspect match-any ccp-cls-icmp-access
match protocol icmp
match protocol tcp
match protocol udp
class-map type inspect match-all sdm-nat-user-protocol--10-2
match access-group 104
match protocol user-protocol--10
class-map type inspect match-all sdm-nat-user-protocol--10-1
match access-group 101
match protocol user-protocol--10
match access-group 104
class-map type inspect match-any ccp-h225ras-inspect
match protocol h225ras
class-map type inspect match-any ccp-h323annexe-inspect
match protocol h323-annexe
class-map type inspect match-any ccp-cls-insp-traffic
match protocol pptp
match protocol dns
match protocol ftp
match protocol https
match protocol icmp
match protocol imap
match protocol pop3
match protocol netshow
match protocol shell
match protocol realmedia
match protocol rtsp
match protocol smtp
match protocol sql-net
match protocol streamworks
match protocol tftp
match protocol vdolive
match protocol tcp
match protocol udp
class-map type inspect match-all SDM_GRE
match access-group name SDM_GRE
class-map type inspect match-any ccp-h323-inspect
match protocol h323
class-map type inspect match-all ccp-invalid-src
match access-group 100
class-map type inspect match-any ccp-sip-inspect
match protocol sip
class-map type inspect match-all ccp-protocol-http
match protocol http
class-map type inspect match-any CCP_PPTP
match class-map SDM_GRE
class-map type inspect match-all ccp-insp-traffic
match class-map ccp-cls-insp-traffic
class-map type inspect match-all ccp-icmp-access
match class-map ccp-cls-icmp-access
policy-map type inspect ccp-inspect
class type inspect ccp-invalid-src
drop log
class type inspect ccp-protocol-http
inspect
class type inspect ccp-insp-traffic
inspect
class type inspect ccp-sip-inspect
inspect
class type inspect ccp-h323-inspect
inspect
class type inspect ccp-h323annexe-inspect
inspect
class type inspect ccp-h225ras-inspect
inspect
class type inspect ccp-h323nxg-inspect
inspect
class type inspect ccp-skinny-inspect
inspect
class class-default
drop
policy-map type inspect sdm-pol-NATOutsideToInside-1
class type inspect sdm-nat-user-protocol--1-1
inspect
class type inspect sdm-nat-user-protocol--2-1
inspect
class type inspect sdm-nat-user-protocol--3-1
inspect
class type inspect sdm-nat-user-protocol--4-1
inspect
class type inspect sdm-nat-user-protocol--5-1
inspect
class type inspect sdm-nat-user-protocol--6-1
inspect
class type inspect sdm-nat-user-protocol--7-1
inspect
class type inspect sdm-nat-user-protocol--8-1
inspect
class type inspect sdm-nat-user-protocol--9-1
inspect
class type inspect sdm-nat-user-protocol--10-1
inspect
class type inspect CCP_PPTP
pass
class type inspect sdm-nat-user-protocol--7-2
inspect
class type inspect sdm-nat-user-protocol--8-2
inspect
class type inspect sdm-nat-user-protocol--1-2
inspect
class type inspect sdm-nat-user-protocol--2-2
inspect
class type inspect sdm-nat-user-protocol--9-2
inspect
class type inspect sdm-nat-user-protocol--10-2
inspect
class type inspect sdm-nat-user-protocol--3-2
inspect
class type inspect sdm-nat-user-protocol--4-2
inspect
class class-default
drop log
policy-map type inspect ccp-permit
class class-default
drop
policy-map type inspect ccp-permit-icmpreply
class type inspect ccp-icmp-access
inspect
class class-default
pass
zone security in-zone
zone security out-zone
zone-pair security ccp-zp-self-out source self destination out-zone
service-policy type inspect ccp-permit-icmpreply
zone-pair security ccp-zp-in-out source in-zone destination out-zone
service-policy type inspect ccp-inspect
zone-pair security ccp-zp-out-self source out-zone destination self
service-policy type inspect ccp-permit
zone-pair security sdm-zp-NATOutsideToInside-1 source out-zone destination in-zone
service-policy type inspect sdm-pol-NATOutsideToInside-1
interface Null0
no ip unreachables
interface Embedded-Service-Engine0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
interface GigabitEthernet0/0
description $ETH-LAN$
ip address 192.168.10.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
duplex auto
speed auto
no mop enabled
interface GigabitEthernet0/1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
duplex auto
speed auto
no mop enabled
interface ATM0/0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no atm ilmi-keepalive
interface ATM0/0/0.1 point-to-point
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
interface ATM0/0/0.2 point-to-point
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
interface Ethernet0/0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
no mop enabled
interface ATM0/1/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no atm ilmi-keepalive
interface ATM0/1/0.1 point-to-point
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 2
interface Ethernet0/1/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
no mop enabled
interface GigabitEthernet0/3/0
no ip address
interface GigabitEthernet0/3/1
no ip address
interface GigabitEthernet0/3/2
no ip address
interface GigabitEthernet0/3/3
no ip address
interface GigabitEthernet0/3/4
no ip address
interface GigabitEthernet0/3/5
no ip address
interface GigabitEthernet0/3/6
no ip address
interface GigabitEthernet0/3/7
no ip address
interface Vlan1
description $FW_INSIDE$
ip address 192.168.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip nat inside
ip virtual-reassembly in
zone-member security in-zone
interface Dialer0
description $FW_OUTSIDE$
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip nat outside
ip virtual-reassembly in
zone-member security out-zone
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname [email protected]
ppp chap password 7 1444405858557A
ppp pap sent-username [email protected] password 7 135645415F5D54
ppp multilink
interface Dialer1
description $FW_OUTSIDE$
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip nat outside
ip virtual-reassembly in
zone-member security out-zone
encapsulation ppp
dialer pool 2
dialer-group 2
ppp authentication chap pap callin
ppp chap hostname [email protected]
ppp chap password 7 01475E540E5D55
ppp pap sent-username [email protected] password 7 055F5E5F741A1D
ppp multilink
router eigrp as#
router eigrp 10
network 192.168.1.1 0.0.0.0
router rip
version 2
network 192.168.1.0
no auto-summary
ip forward-protocol nd
ip http server
ip http access-class 3
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip dns server
ip nat inside source static tcp 192.168.1.10 3392 interface Dialer1 3392
ip nat inside source static udp 192.168.1.10 3392 interface Dialer1 3392
ip nat inside source static tcp 192.168.1.35 3391 interface Dialer0 3391
ip nat inside source static udp 192.168.1.35 3391 interface Dialer0 3391
ip nat inside source static tcp 192.168.1.5 3394 interface Dialer0 3394
ip nat inside source static udp 192.168.1.5 3394 interface Dialer0 3394
ip nat inside source static tcp 192.168.1.17 3397 interface Dialer0 3397
ip nat inside source static udp 192.168.1.17 3397 interface Dialer0 3397
ip nat inside source static tcp 192.168.1.10 14000 interface Dialer0 14000
ip nat inside source static udp 192.168.1.10 14100 interface Dialer0 14100
ip nat inside source route-map ADSL0 interface Dialer0 overload
ip nat inside source route-map ADSL1 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer0 track 1
ip route 0.0.0.0 0.0.0.0 Dialer1 track 2
ip access-list extended NAT
remark CCP_ACL Category=18
permit ip 192.0.0.0 0.255.255.255 any
ip access-list extended SDM_GRE
remark CCP_ACL Category=1
permit gre any any
remark CCP_ACL Category=1
ip access-list extended STATIC-NAT-SERVICES
permit ip host 192.168.1.35 any
permit ip host 192.168.1.5 any
permit ip host 192.168.1.10 any
permit ip host 192.168.1.17 any
dialer-list 1 protocol ip permit
dialer-list 2 protocol ip permit
route-map ADSL0 permit 10
match ip address NAT
match interface Dialer0
route-map ADSL1 permit 10
match ip address NAT
match interface Dialer1
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 remark HTTP Access-class list
access-list 2 remark CCP_ACL Category=1
access-list 2 permit 192.168.1.0 0.0.0.255
access-list 2 deny any
access-list 2 remark HTTP Access-class list
access-list 2 remark CCP_ACL Category=1
access-list 3 remark HTTP Access-class list
access-list 3 remark CCP_ACL Category=1
access-list 3 permit 192.168.1.0 0.0.0.255
access-list 3 deny any
access-list 10 remark INSIDE_IF=NAT
access-list 10 remark CCP_ACL Category=2
access-list 10 permit 192.168.1.0 0.0.0.255
access-list 100 remark CCP_ACL Category=128
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip 139.130.227.0 0.0.0.255 any
access-list 100 permit ip 203.45.106.0 0.0.0.255 any
access-list 101 remark CCP_ACL Category=0
access-list 101 permit ip any host 192.168.1.10
access-list 101 remark CCP_ACL Category=0
access-list 101 permit ip any host 192.168.1.35
access-list 101 permit tcp any any eq www
access-list 102 remark CCP_ACL Category=0
access-list 102 permit ip any host 192.168.1.35
access-list 102 remark CCP_ACL Category=0
access-list 102 permit ip any host 192.168.1.10
access-list 103 remark CCP_ACL Category=0
access-list 103 permit ip any host 192.168.1.5
access-list 104 remark CCP_ACL Category=0
access-list 104 permit ip any host 192.168.1.17
control-plane
banner login ^CCE-Rescue Systems^C
line con 0
login authentication local_authen
transport output telnet
line aux 0
login authentication local_authen
transport output telnet
line 2
no activation-character
no exec
transport preferred none
transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
authorization exec local_author
login authentication local_authen
transport input telnet ssh
line vty 5 15
authorization exec local_author
login authentication local_authen
transport input telnet ssh
scheduler allocate 20000 1000
end
Thanks
Shawn -
2 x 2911 HSEC router 3 ADSL connections each Site ti Site VPN Load Balancing Failover
Hello,
My senario is as described in Title.
Site A Headquarters. The router is Cisco 2911HSEC with 3 ADSL connections
Site B Remote Office. The router is Cisco 2911HSEC with 3 ADSL connections and 10 Users.
All ADSL connections have static IPs and belong to same ISP.
Need - Site to Site VPN between the routers.
Client requests to load balance the traffic, due to poor ADSL speed and have a failover senarion in case an ADSL line goes down.
Any help will be appreciated.I don't believe you will find a One solution for this.
An idea would be to have all three ADSLs paired with ADSL on the other side.
Have 3 VTI (or GRE) tunnels up all the time (VRF-lite anybody?) and advertise routes to the other side with same metric.
This will cause IOS to load balance natively.
Potential problem: return path might not be the same as forward path, but it should not matter much for most applications.
Potential cool thing you can do: All the "magical" things in routing world (Did I head PfR?). FlexVPN on top to make it more flexible.
Benefit: Rely on IKE to bring down connections which are going down. Little-to-no management once it's up and running. -
Loading balance/failover in JDBC
Hi experts,
we have a 4 nodes oracle 10g2 RAC in linux
we created a service as TNS have info for failover and loading balance
as
(LOAD_BALANCE = yes)
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = dbservice)
(FAILOVER_MODE =
(TYPE = SELECT)
(METHOD = BASIC)
(RETRIES = 180)
(DELAY = 5)
it works for no java application
I saw JDBC as
URL="jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=dbhost1)(PORT=1521))(ADDRESS=(PROTOCOL=TCP)(HOST=dbhost2)(PORT=1521))(FAILOVER=on)(LOAD_BALANCE=off))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=dbservice)))"
my question as why are difference setting in TNS and JDBC for load_balance and failover?
do we nned to copy exactly TNS into JDBC?
Do we need to set MultiPools for JDBC? this java application use connection pool to connect toRAC database. and seems that failover does not work.
Thanks for help
JImOk, TAF does not work with jdbc-thin: [http://download.oracle.com/docs/cd/B19306_01/java.102/b14355/overvw.htm#sthref18]
With TAF the client takes care of failover transparent to the application.
But TAF is not the only feature/function that will help with failover. If you have an application server that employs a connection pool, it will also take care of this. When the connection pool determines that a connection is lost/broken (or it receives a FAN event) it will try to reopen a connection and it will be redirected to a working instance. This should keep the application up but all transactions and sessions that were being executed on the failed node will still crash and generate application errors (a smart application could catch such an exception and re-execute all sql).
Maybe you can explain more what kind of behavior you expect during failover and why you think it is not working.
Bjoern -
Dears,
My SharePoint farm is with the below configuration in our office :
Batch processing server the with Central Administration
Web Front End Sever 1 (http://wfe01)
Web Front End Sever 2 (http://wfe02)
I do have the load balance URL as http://finance.mycompany.com and as per the system administrator it seems configured properly.
In AAM i have mapped the URLs as below for the web application in Central Administration portal:
http://finance.mycompany.com - Default Zone
http://wfe01 - Intranet Zone
http://wfe02 - Internet Zone
I was able to browse the site via the load balance URL : http://finance.mycompany.com, but couldn't open the site using the Share Point Designer 2013. It always says the site not found.
please advise,
thanks,
AmmarWhat do the wfe01 and wfe02 aams do?
Are you browsing to the SharePoint site and using SPD on the same computer, is it part of the farm or a seperate client computer?
thanks Alex a lot for your response and appreciate the same.
WFE01, WFE01 is connected to the one central admin on Batch Processing Server (central admin URL is http://SharepointCA:5555 and the SharePoint Web Application is hosted under port 80 on the same server). So the AAM configured on the batch processing server
central admin.
I can connect to the site using the SPD inside the Batch Processing server if i mention the site urs as http://localhost. But not from other client computers by putting the load balance URL - http://finance.mycompany.com.
I can browse the sites directly putting http://wfe01, http://wfe02 and as well as the load balance URL (http://finance.mycompany.com). The custom webparts are getting crashed when i put the web application URL as http://finance.mycompany.com.
thanks,
Ammar -
ACE Load Balance setup and testing - vip
Got a new ACE 4710 and am I new to the appliance. I am testing out a senario with load balancing between two servers. In testing when I ping the VIP ip address the replies I see are from the real server ip addresses. I am just wondering if this is the correct normal behavior or should I see the ping replies coming from the VIP ip address?
ThanksDo you use the
loadbalance vip icmp-reply active
command?
policy-map multi-match POL45
class VStest
loadbalance vip inservice
loadbalance policy L7SLBPOLtest
loadbalance vip icmp-reply active -
Bug with Network Load Balancing Services and SkipAsSource always reverting to true
Steps to reproduce:
Add an IP address to the cluster (2 nodes running Windows Server 2012) using the Network Load Balancing Manager
Using PowerShell set the SkipAsSource flag on the IP Address to true (Set-NetIpAddress -IpAddress 192.168.1.10 -SkipAsSource $true). The flag is correctly set.
Try to reverse the setting (Set-NetIpAddress -IpAddress 192.168.1.10 -SkipAsSource $false). Flag stays as true.
It appears as though Network Load Balancing Services is remembering the setting from someone.
Things I've tried all without success (in no particular order):
Removing the IP address from the cluster and adding it back in
Using PowerShell to remove the IP address and add it back in manually (on each host).Flag stays set as true on the 1st node but takes a second before it reverts back to true on the 2nd node.
Using netsh to remove the IP address and add it back in manually (on each host). Flag stays set as true on the 1st node but takes a second before it reverts back to true on the 2nd node.
Deleting each host from the cluster (one at a time), removing the registry keys CurrentControlSet\Services\WLBS and
Removing both hosts from the cluster
Restarting the hosts
Using processmon (sysinternals) to try and find a registry entry that might be set when SkipAsSource is set
Does anyone know:
How to resolve this issue? I'm guessing resetting the TCP/IP stack would work but that's a last resort as it requires an on sight visit to the datacentre.
Where the SkipAsSource flag it stored?
How to reset the master/global cluster config?
Thank in advance,
AntonyHi Antony,
I am trying to involve someone familiar with this topic to further look at this issue.
There might be some time delay. Appreciate your patience.
Best Regards.
Steven Lee
TechNet Community Support
Maybe you are looking for
-
I can no longer access faculty webmail through Safari at my college. The college told me it was Safari not them. I am running Ver 8.0.2 on a Mac OS X Yosemite Ver 10.10.1. The webmail client is Microsoft Outlook. Is there a fix for this?
-
Reports6i doesn't run under OAS 4.0.8.2
I have recently installed the latest version of OAS in our lab, and was attempting to get Reports6i running on it. I had installed 4.0.8.2 on the same computer that I had 4.0.8.1 running on, but into a different Oracle home. I had configured the repo
-
Regarding Auditing in Oracle 10g
Hi all, i want to enable auditing for particular tables in oracle 10g(linux)..To enable auditing i have put audit_trail=db in init.ora files found in "/proc/4310/cwd" and "/proc/self/cwd/app/oracle/product/10.2.0/server/config/scripts"... but im not
-
Good afternoon. First excuse my English is not very good. Like to know if any have any example Program Module Pool built using the concept of OO ABAP. For example a program with a tab control with methods to insert, update or delete in a table Z. I h
-
Converting from PS single app plan to Photography Special Offer plan
Hi, Just wondering how I can convert from my PS single app plan @ $19.99/month to the photography special offer plan, which includes PS and LR @ $9.99 month. Thanks Regards Ro