Load Balancing Issues SOMEBODY HELP ME!!

Similar Messages

• Server Load balancing issues

  the servers are loadbalancing between the switches '3'
  and '2' and the link between the two switches is blocked.
  This link was forwarding before and thus any traffic going to the server was
  send to the Servers correctly no matter on which switch they are active.
  However after addition of another link in between the switches 'root'
  and '1', the path cost to the root has decreased and thus the link
  between the '2' and '3' is Blocking and the other link between
  the '2' and '1' is Forwarding as it should be ideally. But
  this would be creating an issue because the trafic coming from outside i.e.
  through switch '1' to the server will be correctly send to the
  server if the server NIC is active on the '3' because the Virtual MAC
  addresses are binded accordinlgy. In case the server falls onto the other
  NIC which is on the '2' the traffic won't be able to pass because the
  MAC address is not binded on the trunk connecting the switches '1'
  and '2'. This binding cannot be done because the same MAC address is
  being learned on the another trunk on the '1' which is connecting
  to 'root'. So if we bind the same Virtual MAC on two trunks on the same
  switch ('1') then this will cause MAC Address Flapping on the
  switch and hence canot be done.
  In another case,we can able to bind virtuak MAC on two trunks on the same
  switch('1') and it's working fine.
  The servers are load balancing in round robin fashion. each server has 2 NICs and work in Active-Passive mode. The servers load balance each other when all their active links are connected to '3' switch but when two of the active NICs of two servers are connected to '3' and the rest of the two active NICs from the other two servers are connected to '2' switch then only the forst 2 servers load balance and the other 2 servers do not load balance.
  Please help.
  Thanks in advance.

  In my experience, server load balancing is one of the most difficult things to get going properly in a switched LAN environment. Switched LANs are designed so that one MAC address can only be bound to one switch port. Therefore, if you have two NICs with the same MAC address (real or virtual), then you will get flapping somewhere.
  I have seen various ways that the manufacturers try to get around this limitation of switched LANs. For example, one technique I have seen, practiced by ISA Server, is to use a multicast MAC address for the service so that frames go to both exit ports. But that does not always work well unless you tweak the network to acommodate it.
  What sort of servers are they, and what system is used for the load balancing?
  Kevin Dorrell
  Luxembourg

• SIP load balancing issue with ACE 4710

  SIP Load balancing Issue with ACE 4710
  I have a Cisco ace 4710 with vesion Version A4(2.2). i configued simple SIP load balancing first without stickiness. without stikeiness we are having a problem because bye packet at the was not going to the same server all the time that left our port in used even though user hang up the phone. its happen randmly. i have a total 20 licenced ports and its fill out very quickly. so i dicided to use the stickiness with call-ID but still same issue. below is the config
  rserver host CIN-VOX-31
    ip address 172.20.130.31
    inservice
  rserver host CIN-VOX-32
    ip address 172.20.130.32
    inservice
  serverfarm host CIN-VOX
    probe SIP-5060
    rserver CIN-VOX-31
      inservice
    rserver CIN-VOX-32
      inservice
  sticky sip-header Call-ID VOX_SIP_GROUP
    timeout 1
    timeout activeconns
    replicate sticky
    serverfarm CIN-VOX
  class-map match-all CIN_VOX_L4_CLASS
    2 match virtual-address 172.22.12.30 any
  class-map match-all CIN_VOX_SIP_L4_CLASS
    2 match virtual-address 172.22.12.30 udp eq sip
  policy-map type loadbalance sip first-match CIN_VOX_LB_SIP_POLICY
    class class-default
      sticky-serverfarm VOX_SIP_GROUP
  policy-map multi-match GLOBAL_DMZ_POLICY
     class CIN_VOX_SIP_L4_CLASS
      loadbalance vip inservice
      loadbalance policy CIN_VOX_LB_SIP_POLICY
      loadbalance vip icmp-reply
    class CIN_VOX_L4_CLASS
      loadbalance vip inservice
      loadbalance policy CIN_VOX_LB_SIP_POLICY
      loadbalance vip icmp-reply
  interface vlan 20
    description VIP_DMZ_VLAN
    ip address 172.22.12.4 255.255.255.192
    alias 172.22.12.3 255.255.255.192
    peer ip address 172.22.12.5 255.255.255.192
    access-group input PERMIT-ANY-LB
    service-policy input GLOBAL_DMZ_POLICY
  could you please help me on this...
  thanks
  Rakesh Patel

  I mean there should be one more statement-
  class-map type sip loadbalance match-any CIN_VOX_LB_SIP_POLICY 
  match sip header Call_ID header-value sip:
  and that will be called under-
  policy-map multi-match GLOBAL_DMZ_POLICY
     class CIN_VOX_SIP_L4_CLASS
      loadbalance vip inservice
      loadbalance policy CIN_VOX_LB_SIP_POLICY
      loadbalance vip icmp-reply
  is that missing in your config ?

• CSS arrowpoint cookie load balancing issue

  Hi guys,
  I need some advice on a load balancing issue.
  We have connections hitting the CSS via a proxy environment. As a result i see only one source ip address. I want to use arrowpoint cookies for session stickeyness. However when i enable the rule the tcp session negotiation fails. The CSS sends a TCP/RST which terminates the session.
  Here's the rule config:
  content HTTP_rule
  add service ZSTS299102
  add service ZSTS281101
  vip address <filtered>
  add service LONS299102
  add service LONS281101
  balance weightedrr
  change service ZSTS299102 weight 5
  change service ZSTS281101 weight 5
  advanced-balance arrowpoint-cookie
  protocol tcp
  port 80
  url "/*"
  active
  Any help would be much appreciated.

  Remko,
  in L3/L4 the CSS sends the SYN directly to the server.
  So when the FIN comes in, we simply pass it to the server.
  With L5 the CSS spoofs the connection and we select the server only after receiving the GET.
  If there was some delay between the GET and the FIN, the CSS would have time to establish a connection with the server and the FIN could be simply forwarded.
  Unfortunately, in this case the FIN is right after the GET with no delay.
  Gilles.

• ITS load balancing issue

  Hi all,
  During our testing we are getting a load balancing issue.  However, one of the agates in our network is has more CPU power than compared to the other agates in our ITS network.  The memory on all the agate servers is the same. 
  Our current issue we are getting is the one agate that has more cpu power but acquires more sessions as compared to the other two agates.  It roughly gets 60 more sessions per agate process as compare to the other Agate servers.  Does having more cpu on a Agate affect the load balancing on ITS?  We are on ITS patch level 19 with the Hotfix. 
  Thanks,
  Jin Bae

  Hello Jin,
  yes, at (re)initialize the WGate retrieves the capacity from the AGates.
  This is an accumulated number based on CPU performance and the number of CPUs!
  The number can be seen in "wgate-status" as the "Capacity" of the AGate.
  When running multiprocess Agates the number is retrieved from the MManager and also involves the number of agate-processes.
  The WGate dispatches the load in proportion depending on these capacity numbers.
  By my knowledge there is no way that these values can be configured (fixed).
  Regards,
    Fekke

• JSF and load balancing issues

  Hello,
  We are having a difficult time getting our app to work correctly on our load balanced system. Any help / suggestions would be greatly appreciated.
  We have a very basic load balancer which is in round robin mode (this cannot be changed), two separate vms, each with an instance of apache(2.0.54) and tomcat(6.0.14). Each apache talks only to the tomcat on the same vm and the tomcats are configured to session replicate with each other (which is happening).
  When I log in to the app and start pressing a few buttons there are no problems for a little while. I then leave the screen idle for 1 minute and resume pressing buttons. The main session bean which holds information about where the user is and other key information, gets its constructor called and is set back to default and the page goes back to the main menu. Immediately before the bean is reset, the logs show the following:
  [MyApp] 17 Jun 2009 15:33:27,514 WARN: [ajp-8009-2 LoggerListener.onApplicationEvent(60)] : Authentication event AuthenticationSuccessEvent: v; details: (etc etc removed&hellip;)This is what the two logs look like:
  VM1 - Authentication event          
  VM2 - Main menu
  VM2 - Presss a button &ndash; progress a screen
  VM2 - Presss a button &ndash; progress a screen
  VM2 - Presss a button &ndash; progress a screen
  VM2 - Presss a button &ndash; progress a screen
  [wait 1 min]
  VM1 - Authentication event
  VM1 - Bean reset
  Processing continues, but screen is redirected to main menu
  We have the distributable tag in the web.xml file and javax.faces.STATE_SAVING_METHOD is set to client. Its set to client as the app will not work at all with it set to server (keeps asking for the user to re-log in).
  Thank you,
  Victoria

  Looks like a Tomcat issue to me. JSF is not going to timeout in 1 minute. You might want to check your Tomcat replication settings. Note try to do a very simple loadbalancing application that just echos the Tomcat is executing on.

• Load balancing issues?

  Could someone help me with load balancing, current stats:
  I have a limited understanding, but from what I can make out, we have a significant number of clients being denied association and load balancing to different AP's but then the candidate count suggests a significant number of clients that failed to load balance, presumably because there wasnt an AP available in range that wasn't busy?
  Uptime is 27 days, client count can reach around 220 at busy times, 63 AP's in the building 1142's, 5508 controller. I am wondering if increasing the window size would offer a more robust solution, or will this just degrade user experience further?
  I am having a number of issues with failed client association now, and devices just not being able to operate wirelessly at all
  Client count reaching 25 on some AP's

  I guess per radio per AP client count is more in your case, clients more than the threshold are being shown busy status ( code 17 ) by AP. Therefore, clients are unable to associate to that AP. When the number of retries are over , they are denied. I guess there are network holes as well ( no coverage b/w the cells of differenet APs ). You can increase the window count , however, it depends on the AP model finally ( max. no. of  clients associated ).

• OSB Load balancing issue

  We have a situation in our project.
  We have weblogic8 sp5 server having a MDB deployed which consumes messages from distributed queues created on WLS8. OSB business services post messages on these distributed destinations.
  Set up:
  Non production environements have 2 instances of wls8 servers and 2 instances of OSB(weblogic) servers.
  Production environments have 4 instances of wls8 managed servers and 2 instances of OSB(weblogic) servers.
  Weblogic 8 server has a custer created with only hostname comma seperated. e.g. host1,host2.
  OSB(weblogic) server has cluster created with hostname and port comma seperated. e.g. host1:port,host2:port.
  Scenario 1.
  When wls8 cluster address is used in OSB business services, load balancing is not happening. Messages go on only one of the wls8 managed server. If this server goes down,then only messages goes on the other server. With this, we have got fail over and not load balancing.
  Scenario 2.
  When wls 8 managed server urls are used with comma seperated in OSB business service, some times load balancing happens. This is also not conclusive as when any of the wls8 managed server goes down and comes up, load balancing stops working and all the messages goes to one of the up servers.
  Scenario 3.
  On produciton environmet, we have 4 instances of wls8 managed servers and 2 instances of OSB(weblogic) managed servers.
  As discussed in scenario1, when cluster address is used, load balancing does not happen and all the messages go to 1 of the 4 managed servers. When comma seperated urls are used, some times load balancing happenes but it is load balanced in 2 of the wls8 managed servers. Other 2 do not get any messages.
  We have custom error handling done to catch all the errors occured when any exceptions occurs in proxy service or while invoking business service. Tried adding 4 different urls in end point uri of busness services. If any of the endpoint is down, it gives an error and message flow gets aborted. Tried with enabling retry count. With this, when any endpoint down, it raises an error which is collected in custom error collector and then tries with another available uri. With this, for any error and after successful message flow, an error is logged.
  Any pointers on above points will be helpful to solve our loadbalncing issue.
  Regards,
  Pravin
  Edited by: pravinkapile on Oct 11, 2009 10:03 PM

  Pravin,
  I doubt affinity to Server is somehow configured on the connection factory? Can you please check connection factory configuration?
  Manoj
  http://download.oracle.com/docs/cd/E12840_01/wls/docs103/wlsmbeanref/core/index.html (JMSConnectionFactoryBean)
  Overview
  The load-balancing parameters allow client to choose how they wish to distribute the work to the configured servers.
  Attributes
  This section describes the following attributes:
  * LoadBalancingEnabled
  * ServerAffinityEnabled
  LoadBalancingEnabled
  Specifies whether non-anonymous producers created through a connection factory are load balanced within a distributed destination on a per-call basis.
  If enabled, the associated message producers are load balanced on every send() or publish() .
  If disabled, the associated message producers are load balanced on the first send() or publish().
  Privileges     Read/Write
  Type     boolean
  Default Value     true
  ServerAffinityEnabled
  Specifies whether a server instance that is load balancing consumers or producers across multiple members destinations of a distributed destination, will first attempt to load balance across any other physical destinations that are also running on the same server instance.
  Privileges     Read/Write
  Type     boolean
  Default Value     true
  Edited by: mneelapu on Oct 12, 2009 11:16 AM

• Logon load balancing issue

  Hello Experts,
  We are having an issue with our load balancing.
  We have 4 app servers ,2 for batch and 2 for dialog.
  Dialog are used by SICF service for user to login. But the load is goign to the batch servers as well.Batch servers are running with different logon group and dialog( sicf) with another logon group.
  The load is distributed by Webdispatcher to these servers.
  Can you please provide some hint whe the load is going to another servers which are not meant to handle dialog requests.
  Regards
  Ajay Sandal

  Hi Ajay,
  I suspect your dialog request would be distributing from web-dispatcher.
  Web-dispatcher just performs its own function, it would not see if you have configured two as a dialog server and two for batch jobs.
  In case WD sees available diag WPs, on any of these servers, it will distribute the request to available ones.
  If you want to check the same, then deactivate batch job servers from WD.
  For batch job load balancing, I would suggest you to use logon group for batch jobs.
  To do the same call transaction SM61 -> Job-servergruppen -> create a logon group and assign batch servers.
  In turn to distribute batch jobs, you would need to configure batch servers (created in SM61) while scheduling batch job.
  Let me know if this helps, or your observation so that we could provide some more input on this issue.
  Cheers !!!
  Ashish

• RV042, Load Balance issue

  Hello,
  I'm a newbie to routers and on this discussion.
  I've  purchased a Linksys RV042 hoping I could connect my two ISP.
  Both of them are 1/1 Mb, first is DSL  second PPPoE connection.
  The problem is that on system summary page it doesn't show me that second WAN is connected. Even when I trying to manually connect to Internet it doesn't help.
  When this connection is in Load balance Mode, internet is very slow, sometimes it's even disconnected.
  My question is:
  How to configure Load Balance properly?
  I've tried this page:
  http://www.cisco.com/en/US/products/ps9923/products_qanda_item09186a0080a36632.shtml
  but it didn't helped.
  Or maybe it's just a demo of this option and doesn't work at all?
  Thanks for the reply.....

  Eliviszopa,
  Hi. My name is Tiya and I am one of the Cisco SMB Support Engineers. I have been eyeing your post and I would like to add a few recommendations.
  From what I've gathered, you are having an initial problem with your Dual-WAN configuration, in that you are unable to have both WAN interfaces Live at the same time. I will list a few things that will help you in determining if there is an issue with your RV042's Dual-WAN configuration and connectivity.
  I understand your Network Topology to be: [ISP Modem 1 & ISP Modem 2]---->RV042---->LAN Clients (PC).
  First thing, we need to ensure your router it at the most current firmware version for optimal performance. The RV042 series routers are currently in their 3rd HW revision, so we also need to ensure we download the firmware that is compatible with the HW version of your RV042
  To locate HW version:
  Look on the bottom of your RV042.
  You will find the Serial Number and MAC      address sticker.
  The HW Version will be visible by the      Model Number on that sticker.
  Image below has a Red Square around the      Model Number and HW version of an older RV042 as a reference. HW is indicated      with 'v' and rational number, i.e. v1.1, v2.0. Your sticker may look      slightly different, but the content will be the same:
  Now that we are certain of the HW version, check the release notes below to check the best firmware version for your RV042. I have provided a link below to the RV042 Release Notes:
  Firmware v 4.0.0.7 Release Notes:      http://www.cisco.com/en/US/docs/routers/csbr/rv0xx/release/rv0xx_rn_v4-0-0-7.pdf
  Firmware v 1.3312.19-tm Release Notes:      http://www.cisco.com/en/US/docs/routers/csbr/rv042/release/notes/RV042_RN_v1-3-12-19-tm.pdf
  If your RV042 is using neither of the 2 firmwares, follow this link to download the correct version for your router:
  http://www.cisco.com/cisco/software/type.html?mdfid=282414010&flowid=784
  I would recommend you download and      'flash' your RV042 with the current compatible version of firmware to      address the possibility of software corruption.
  Now, we need to reset your RV042 to factory defaults to remove any parameters previously configured and also, in essence, clear the router's memory so that we can start afresh. When this happens, your RV042 will return all settings to their default state; in other words, it will be as if you are pulling it out of the box for a new install. To do this:
  Disconnect the RV042 from your network,      so that the only item the RV042 is only connected to the power outlet.
  Locate the reset button on your RV042.      This will be on the front of your router and it will be recessed a bit.
  Use a small tipped item; paperclips      usually work best, to hold down the reset button for 30 secs. Anytime less      will not guarantee a full reset to factory defaults.
  Connect your RV042 to your PC. After      about 30 secs, ensure that you have an IP address of 192.168.1.100 on your      PC.
  Now, let's test each WAN port with each of your ISP connections.
  The next few steps will take us through a process that will ensure both WAN ports are working, and ultimately will help is in determining your Dual-WAN connectivity performance.
  Connect one of your DSL modems to WAN1 and configure the WAN1 interface accordingly:
  · DSL connections typically are UN-bridged by default; where you will see the modem is performing NAT. You will use DHCP as the WAN tupe for UN-bridged DSL connection types. This UN-bridged state can be recognized quickly in a couple of ways.
  o    There is a PRIVATE IP address displayed as the WAN1 IP address, e.g. 192.168.x.x. where X is a number 0-254, 10.x.x.x where X is a number 0-254, or less commonly, 172.16.x.x where X is a number 0-254.
  o    When connecting to the modem directly to your PC, you are able to reach the Internet.
  o    If your DSL connection is UN-bridged, you must make sure the LAN IP Subnet of your Modem and Router are NOT the same.
  o    Again, you will use DHCP as the WAN type for UN-bridged DSL connection types.
  · DSL connection that is Bridged will require a PPPoE Username AND Password. This PPPoE username and password will be entered on the RV042 under the WAN type PPPoE. PPPoE connections can be quickly recognized in the same manner:
  o    There is a PUBLIC IP address displayed as the WAN1 IP address AFTER correctly configuring WAN interface to use PPPoE and using correct UN/PW.
  o    You are NOT able to reach the Internet when connecting your PC directly to your RV042.
  · Contact your ISP to assist you in determining the bridged state of your modem to be absolutely certain.
  2.     After you have properly configured WAN1 and confirmed Internet connection, configure WAN2 in the same fashion.
  3.     Change Primary WAN to WAN2 by going to the following location in the RV042:
  · System Management>Dual-WAN> Smart-Link Backup Primary : WAN2 (change this option)
  4.     Disconnect DSL Modem from WAN1 and connect to WAN2.
  5.     Power cycle the DSL Modem, RV042, and also disconnect your PC from the router as well while it is powered down.
  6.     After about 5-10 sec, and in this order, power on your Modem, power on you RV042, and reconnect your PC to one of the LAN ports of your RV042
  7.     After about 30-60 secs, test for Internet connectivity.
  Now we will do the same for your other ISP connection.
  1.     Disconnect all devices from the RV042, save your PC.
  2.     Change Primary WAN to WAN1 by going to the following location in the RV042:
  · System Management>Dual-WAN> Smart-Link Backup Primary : WAN1 (change this option)
  3.     Connect 2nd ISP connection to WAN1 and configure according to Modem configuration, either DHCP or PPPoE.
  4.     Power cycle the DSL Modem, RV042, and also disconnect your PC from the router as well while it is powered down.
  5.     After about 5-10 sec, and in this order, power on your Modem, power on you RV042, and reconnect your PC to one of the LAN ports of your RV042
  6.     After about 30-60 secs, test for Internet connectivity.
  7.     Do the same for WAN2 using your 2nd ISP connection
  At this point, we should now know for certain if both WAN Interfaces will allow Internet connectivity.
  If you have problems with these steps, repost with the steps you took and the results.
  If things are OK, then we will continue with configuring the router for Load Balance Mode:
  1.     Navigate to System Management>Dual-WAN and change your selection from Smart-Link Backup to Load balance
  2.     Configure both WAN1 and WAN2 with the configuration that correlates to the Modem connection it will receive.
  3.     Connect both Modems to the correct WAN port on the RV042.
  4.     Power cycle all devices; Both Modems, RV042, and PC
  5.     Navigate to RV042 management page and check to see if there are IP addresses for WAN1 & WAN2 Interfaces.
  If you have problems with these steps, repost with the steps you took and the results. Let us know your results.

• ACE 4700 load balancing Issue

  Hi,
  I am new in ACE 4700. I have configured ACE 4700 for load balancing the FAX servers. Probe, ServerFarm, Real server, Virtual server, VIP state every thing is up and in service. But I am not able to access the real server using VIP IP address.
  Below is the running configuration. Please help me to troubleshot the problem.
  HOB-ACE-1/Admin# sh run
  Generating configuration....
  no ft auto-sync startup-config
  boot system image:c4710ace-mz.A3_2_0.bin
  hostname HOB-ACE-1
  interface gigabitEthernet 1/1
    description Man_HOB_1
    switchport access vlan 1000
    no shutdown
  interface gigabitEthernet 1/2
    description VIP_HOB_1
    switchport access vlan 24
    no shutdown
  interface gigabitEthernet 1/3
    description HA_HOB_1
    switchport access vlan 180
    no shutdown
  interface gigabitEthernet 1/4
    shutdown
  [7m--More-- [m
  access-list ALL line 8 extended permit ip any any
  probe icmp ICMP_PROBE1
    interval 15
    faildetect 4
    passdetect interval 60
    passdetect count 5
    receive 5
  rserver host MFREFSAS497
    description MAAFAXSERVER
    ip address 10.16.12.148
    conn-limit max 4000000 min 4000000
    inservice
  rserver host MSHOFCFS489
    description HOBFAXSERVER
    ip address 10.26.12.130
    conn-limit max 4000000 min 4000000
    inservice
  [7m--More-- [m
  [K
  serverfarm host SFHOBACE-1
    description SFHOBACE-1
    predictor hash header Accept
    probe ICMP_PROBE1
    rserver MFREFSAS497 80
      conn-limit max 4000000 min 4000000
      inservice
    rserver MSHOFCFS489 80
      conn-limit max 4000000 min 4000000
      inservice
  class-map match-all VSHOBACE-1
    2 match virtual-address 10.26.24.242 any
  class-map type management match-any remote_access
    201 match protocol xml-https any
    202 match protocol icmp any
    203 match protocol telnet any
    204 match protocol ssh any
    205 match protocol http any
    206 match protocol https any
    207 match protocol snmp any
  [7m--More-- [m
  [K
  policy-map type management first-match remote_mgmt_allow_policy
    class remote_access
      permit
  policy-map type loadbalance first-match VSHOBACE-1-l7slb
    class class-default
      serverfarm SFHOBACE-1
  policy-map multi-match global
    class VSHOBACE-1
      loadbalance vip inservice
      loadbalance policy VSHOBACE-1-l7slb
      loadbalance vip icmp-reply
      nat dynamic 1 vlan 24
      nat dynamic 1 vlan 1000
  service-policy input global
  interface vlan 24
    description "Client VLAN"
    ip address 10.26.24.243 255.255.255.0
  [7m--More-- [m
    access-group input ALL
    no shutdown
  interface vlan 1000
    ip address 10.26.12.132 255.255.255.0
    peer ip address 10.26.12.133 255.255.255.0
    access-group input ALL
    service-policy input remote_mgmt_allow_policy
    no shutdown
  ft interface vlan 180
    ip address 192.168.180.2 255.255.255.248
    peer ip address 192.168.180.3 255.255.255.248
    no shutdown
  ft peer 1
    heartbeat interval 300
    heartbeat count 10
    ft-interface vlan 180
  ft group 1
    peer 1
    priority 140
    associate-context Admin
  [7m--More-- [m
    inservice
  ip route 0.0.0.0 0.0.0.0 10.26.12.1
  snmp-server contact "HOB_ACE"
  snmp-server location "HOB"
  snmp-server community FAXSERVER group Network-Monitor
  snmp-server user administrator Network-Monitor
  snmp-server trap-source vlan 1000
  username admin password 5 $1$GtO1e504$eGuyxxDcXck7SkxqBfRkI.  role Admin domain
  default-domain
  username www password 5 $1$N5ClX7jy$kDhGgN.uukWQKvQMd3pY.1  role Admin domain de
  fault-domain
  ssh key rsa 1024 force
  Thanks and Regards,
  Ashfaque

  Hello Hossain,
  Applying the policy globally on the box is commonly not the prefered way to go, you can use instead a single multi-match policy per SVI for easier managent; this will also also help to narrow down problems to a specific policy and VIP while T-Shooting.
  Use the
  ACE/Admin(config)# no service-policy input global
  ACE/Admin(config)# interface vlan 24
  ACE/Admin(config-if)# service-policy input global
  Also you want to remove the NAT from the multi-match policy, you're running in routed mode so NAT should not be required; if it was required then you don't have any natpool configured or as Ahmad mentioned it was truncated from the configuration.
  Something that caught up my attention is that your default route is pointing to the server VLAN that happens to be also your management VLAN, I'll have to lab it up but my first impression is that either the traffic coming to the VIP on vlan 24 should be always NAT'd to an IP of 10.26.24.X/24 before it gets to the ACE or else there will be a routing loop that will not allow the flow to complete correctly.
  Do you happen to have a quick logical diagram of this piece of the network?
  Thnx
  Pablo

• Load-balancing issues with iPlanet and multiple clusters

  We're in performance test of a large-scale clustered deployment based on WLS 5.1sp10.
  Due to scalability/functionality issues, some of which we've seen firsthand and
  some of which we've been informed of by associates as well as BEA representatives,
  we've chosen to implement multiple clusters with a maximum of three nodes each.
  These clusters will be fronted by a web server tier consisting of iPlanet servers
  using the proxy plugin.
  Due to hardware constraints (both in test and in production), however, we've configured
  the iPlanet servers to route across the multiple clusters. In our test environment,
  for instance, we've got a single iPlanet server routing across two 3-node clusters,
  and the configuration in obj.conf is as follows:
  <Object name="application" ppath="*/application">
  Service fn="wl-proxy" \
  WebLogicCluster="clusterA_1:9990,clusterB_1:9991,clusterA_2:9990,clusterB_2:9991,clusterA_3:9990,
  clusterB_3:9991" \
  CookieName="ApplicationSession"
  </Object>
  Our issue is that the load-balancing doesn't appear to work across the clusters.
  We're seeing one cluster get about 90% of the load, while the other receives
  only 10%.
  So, the question (finally!) is: Is this configuration correct (i.e., will it
  work according to the logic of the proxy plugin), and is it appropriate for this
  situation? Are there other alternative approaches that anyone can recommend?
  Thanks in advance,
  cramer

  I use weblogic6.1 with sp2+windows 2000.I develop a web application and deploy
  it to cluster.Through HttpClusterServlets proxy of weblogic I found that a server
  in cluster almost get 95% of requests but another only get 5% of requests.Why???
  I don't set any special parameter.And the weight of the two clustered server is
  equal.I use round-robin arithmetic.
  Thanks!
  "cramer" <[email protected]> wrote:
  >
  We're in performance test of a large-scale clustered deployment based
  on WLS 5.1sp10.
  Due to scalability/functionality issues, some of which we've seen firsthand
  and
  some of which we've been informed of by associates as well as BEA representatives,
  we've chosen to implement multiple clusters with a maximum of three nodes
  each.
  These clusters will be fronted by a web server tier consisting of iPlanet
  servers
  using the proxy plugin.
  Due to hardware constraints (both in test and in production), however,
  we've configured
  the iPlanet servers to route across the multiple clusters. In our test
  environment,
  for instance, we've got a single iPlanet server routing across two 3-node
  clusters,
  and the configuration in obj.conf is as follows:
  <Object name="application" ppath="*/application">
  Service fn="wl-proxy" \
  WebLogicCluster="clusterA_1:9990,clusterB_1:9991,clusterA_2:9990,clusterB_2:9991,clusterA_3:9990,
  clusterB_3:9991" \
  CookieName="ApplicationSession"
  </Object>
  Our issue is that the load-balancing doesn't appear to work across the
  clusters.
  We're seeing one cluster get about 90% of the load, while the other
  receives
  only 10%.
  So, the question (finally!) is: Is this configuration correct (i.e.,
  will it
  work according to the logic of the proxy plugin), and is it appropriate
  for this
  situation? Are there other alternative approaches that anyone can recommend?
  Thanks in advance,
  cramer

• Could not retrieve Enterprise Global Template - Load balancer issue

  Hi,
  We have 4 Project Server 2010 servers. The 4 web servers are load balanced by networking team with sticky session configured.
  When we try to connect to the Project Server using MPP 2007 SP2, it fails saying 'Could not retrieve Enterprise Global template'. It works perfect when we point to a specific server by specifying the IP address for server name in the 'hosts'
  file.
  Earlier we observed some errors in the event viewer related to the SharePoint's internal load balancer for which restarted the 'Project Server Application' on each web server and it got fixed.
  Now, the only entries that we see related to load balancer are as mentioned below as Information (not errors).
  SharePoint Web Services Round Robin Service Load Balancer Event: Initialization
  Process Name: w3wp
  Process ID: 15080
  AppDomain Name: /LM/W3SVC/539065287/ROOT-1-130462463500778047
  AppDomain ID: 2
  Service Application Uri: urn:schemas-microsoft-com:sharepoint:service:ae7c7ee5c09b4e8198bdbb1ecb8c1c1b#authority=urn:uuid:9f626d347784423eb14bde4a1f4d13fc&authority=https://lonms12546:32844/Topology/topology.svc
  Active Endpoints: 4
  Failed Endpoints:0
  Endpoint List:
  http://lonxxx2532:32843/ae7c7ee5c09b4e8198bdbb1ecb8c1c1b/PSI
  http://lonxxx2545:32843/ae7c7ee5c09b4e8198bdbb1ecb8c1c1b/PSI
  http://lonxxx2546:32843/ae7c7ee5c09b4e8198bdbb1ecb8c1c1b/PSI
  http://lonxxx2566:32843/ae7c7ee5c09b4e8198bdbb1ecb8c1c1b/PSI
  Could the issue be due to network load balancer?
  Could the issue be due to Sticky session configuration on the load balancer.?
  How can we get to the root cause of the issue?
  Which logging category should we set to 'Verbose' that can give us some hint.
  Update: We tried to capture the requests through fiddler and observed that when fiddler is running on the client computer then the connection works perfectly fine even through the load balancer. Probably fiddler is reformatting the SOAP
  envelop of the web service requests the way it should before sending the request to the server.
  If we do not run fiddler and run some other similar tool (like Charles) then it again gives the issue and the request stucks at /PWA/_vti_bin/psi/winproj.asmx
  We ran Wireshark on the servers and found the following for that web service call:
  [TCP Previous segment not captured] Continuation or non-HTTP traffic.
  Please let me know if someone could provide any hint what can be done next.
  Regards, Amit Gupta

  There are several ways to configure your load balancer.   I would suggest that you work with the network engineer, the load balancer vendor and your project administrator to resolve this issue. 
  Basically you need URL to be resolved correctly.  Also, I don't believe PS2007 did a good job handling load balancing, so you may need to bring someone in good with IIS and see they can tweek IIS to manage the cache better.
  As I go back and look at your analysis, I think you should probably look at upgrading to Project Server 2013.  They made some improvement in load balancing and the management of distributive cache.
  I assume you have 4 WFE because you have thousands of project users.  Roughly how many  you have?  Over 1000, over 5000
  Have you tried to see if using two load balancing work?  How about just one front end.  I often see companies scaling SharePoint and Project server to extremes. 
  Michael Wharton, MVP, MBA, PMP, MCT, MCTS, MCSD, MCSE+I, MCDBA
  Website http://www.WhartonComputer.com
  Blog http://MyProjectExpert.com contains my field notes and SQL queries

• Cisco ACE20 Load balancing issues

  Dear All,
  I have a problem with the ACE 20 load balance
  To start with following is our architectural request flow:
  Load Balancer --> Webseal /(reverse proxy) --> HTTP Server --> Portal Server
  We have Hardware Load Balancer Cisco ACE20.
  When we access our portal from Webseal server it works totally fine without any issue, but when we access the same application using ACE we face the following issues:
  1) Some of the links on do not work. For eg: We have a link "subscribe" which points to https://intranet/abc/wps/portal/subscription , whenever we click on this link, the request is directed to https://intranet/abc/wps/portal i.e homepage
  2) URL redirection does not work We have some links which have a url forwarding or redirection for example when we open https://intranet/ef/quickplace it forwards the requests to https://intranet/ef/quickplace/Main.nsf?opendocument....., but this redirection fails and again the request is thrown to homepage i.e https://intranet/abc/wps/portal
  3) The response of the request and the overall portal when accessed via ACE is very sluggish and it takes 20 seconds for homepage to load, whereas the homepage loads in 4 secs when accessed via webseal.
  below is the ACE details. Kindly provide the your inputs to resolve this issue. will rate all the suggestions
  Hardware Product Number: ACE20-MOD-K9
    Card Index:     207
    Hardware Rev:   2.3
    Feature Bits:   0000 0002
    Slot No. :      7
    Type:           ACE
  Software
    loader:    Version 12.2[120]
    system:    Version A2(1.4) [build 3.0(0)A2(1.4) adbuild_11:54:12-2009/03/05_/a
  uto/adbu-rel2/rel_a2_1_4_throttle/REL_3_0_0_A2_1_4]
    system image file: [LCP] disk0:c6ace-t1k9-mz.A2_1_4.bin
    installed license: ACE-SEC-LIC-K9

  Dear all,
  Please suggest on this issue.
  BS

• CSS load balancing issue

  Hi,
  I'm facing a problem with CSS while load balaning for the web application with two servers.
  The application is based on activex..
  Basically I have two servers running web application for which I have created VIP in the CSS, user hits the VIP address and they access the application, also we use the sticky thing as the application requires the session persistence.. everything is fine, but the problem starts when one of the server fails...
  Assume a user hits the VIP address and access the application, due to the sticky thing his session will be with server A (for eg.), now suddenly the server A fails and in that time the user was doing a transcation and inputting some data and after that he press the submit button on the page, as the server A is down the web page gets refreshed and he has to relogin to the application and redo the whole thing what he was doing in that particular transcation...
  Now the application guys are telling this problem should not happen as the CSS should be able to take care of the session getting reestablished to the other server B during the server A failure...
  Can someone through some lights on this... I'm bit confused now... as what I understand is that the webpage gets refreshed during a server failure because the tcp session id will get changed and the server B will not accept the same tcp session so it reinitiates the new session...
  Is my understanding right?? or is there something which we can do on the CSS to avoid this problem...
  Regards
  Vijay.

  Hi Gilles,
  Thanks for the clarification.
  I have two more issues too...
  1. The load balancing of the application between the two servers are not even. Actually the traffic from the users keep hitting only one server, I understand the point of sticky method used in our case, but even atleast the connection from another client machine should go to the other server,but it is not the case... traffic from all the clients goes to only one server..
  what could be the possible reason for the same...
  My config is as below...
  service SERVER-1
  port 80
  protocol tcp
  keepalive port 80
  keepalive type tcp
  redundant-index 4
  ip address 10.6.223.87
  active
  service SERVER-2
  port 80
  protocol tcp
  keepalive port 80
  keepalive type tcp
  ip address 10.6.223.77
  redundant-index 5
  active
  owner WEB
  content WEB
  add service SERVER-1
  add service SERVER-2
  redundant-index 104
  vip address 10.6.223.78
  protocol tcp
  port 80
  url "/webretrieve*"
  advanced-balance sticky-srcip
  active
  2. Slow response of the application when users access application through VIP address(CSS), what can be done further in the configuration to improve the performance?? or any thing else I can do...
  Regards