Load Balancing Rip version 2
I have a lab scenario, that is confusing me greatly. I can get per packet load-balancing working when I ping from R2 to interfaces in the 192.168.1.0/30. However, when I'm pinging from R3 , I can't packet load-balance to interfaces in 192.168.4.0/30. I also can't packet load-balance from R1 pinging to interfaces in 192.168.4.4/30. Am I doing something wrong? Thanks...
I have three routers: R1, R2, R3.
R1: Eth0 192.168.1.1/30 connected to R3 eth0
R1: Ser0 192.168.4.1/30 connect to R2 Ser0
R2: Ser0 192.168.4.2/30 connect to R1 Ser0
R2: Ser1 192.168.4.5/30 connect to R3 Ser0
R3: Eth0 192.168.1.2/30 connect to R1 eth0
R3: Ser0 192.168.4.6/30 connect to R2 Ser1
All of the routers run:
2500 Software (C2500-I-L), Version 12.2(29a), RELEASE SOFTWARE (fc1)
Configs for R1, R2, R3 are attached as a plain text file and listed below:
R1 config:
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
service udp-small-servers
service tcp-small-servers
hostname R1
ip subnet-zero
ip host R1 192.168.1.1
ip host R2 192.168.4.2
ip host R3 192.168.1.2
interface Ethernet0
ip address 192.168.1.1 255.255.255.252
no ip route-cache
no ip mroute-cache
interface Serial0
ip address 192.168.4.1 255.255.255.252
no ip route-cache
no ip mroute-cache
interface Serial1
no ip address
no ip mroute-cache
shutdown
interface Serial2
no ip address
no ip mroute-cache
shutdown
interface Serial3
no ip address
no ip mroute-cache
shutdown
interface BRI0
no ip address
encapsulation hdlc
no ip mroute-cache
shutdown
router rip
version 2
network 192.168.1.0
network 192.168.4.0
ip classless
no ip http server
line con 0
line aux 0
line vty 0 4
end
R2 config:
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
hostname R2
ip subnet-zero
ip host R1 192.168.1.1
ip host R2 192.168.4.2
ip host R3 192.168.1.2
interface Ethernet0
shutdown
interface Serial0
ip address 192.168.4.2 255.255.255.252
no ip route-cache
no ip mroute-cache
clockrate 56000
interface Serial1
ip address 192.168.4.5 255.255.255.252
no ip route-cache
no ip mroute-cache
clockrate 56000
interface Serial2
no ip address
shutdown
interface Serial3
no ip address
shutdown
interface Serial4
no ip address
shutdown
interface Serial5
no ip address
shutdown
interface Serial6
no ip address
shutdown
interface Serial7
no ip address
shutdown
interface Serial8
no ip address
shutdown
interface Serial9
no ip address
shutdown
interface BRI0
no ip address
encapsulation hdlc
shutdown
router rip
version 2
network 192.168.4.0
ip classless
no ip http server
line con 0
line aux 0
line vty 0 4
end
R3 config:
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
hostname R3
ip subnet-zero
ip host R2 192.168.4.2
ip host R1 192.168.1.1
ip host R3 192.168.1.2
interface Ethernet0
ip address 192.168.1.2 255.255.255.252
no ip route-cache
no ip mroute-cache
interface Serial0
ip address 192.168.4.6 255.255.255.252
no ip route-cache
no ip mroute-cache
interface Serial1
no ip address
no ip mroute-cache
shutdown
interface BRI0
no ip address
encapsulation hdlc
no ip mroute-cache
shutdown
router rip
version 2
network 192.168.1.0
network 192.168.4.0
ip classless
no ip http server
line con 0
line aux 0
line vty 0 4
end
I figured it out. When I configur "no auto-summary" on each router it behaves nicely with per packet load balancing. I guess I needed to get rid of the summarized routes listing /24 for my VLSMed 4.0 4.4 /30 networks.
Thanks
Similar Messages
-
Load-balancing by application version
Hi there. I have a pair of CSS-11501's that I'm using for load-balancing incoming connections for a specific software application. We have 2 versions of the software that connect to the same TCP port on the server side. Is there any way to have the CSS distinguish between the application versions so I can direct traffic to different clusters based on version, without the customer knowing?
no way with the CSS.
The CSS can understand http but not other applications.
The ACE module in its next software release will be able to catch data on any application and make an action like loadbalance with it.
Gilles. -
Version of Load Balancer on Apps1ii
Hi All,
How to find the version of Load Balancer on Apps 11i Nodes ?
Thanks,Hi
Check
https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/library/xi/high%20availability%20guide%20-%20sap%20xi%203.0.pdf
Also check sap web dispatcher
http://help.sap.com/saphelp_nw04/helpdata/en/42/5cfd3b0e59774ee10000000a114084/content.htm
Thanks! -
Cisco 1921 Dual ADSL Load Balancing/Failover?
Hello,
We have purchased a Cisco 1921 with twin ADSL after advice from a Cisco sales rep. However I am having trouble working out the load balancing/fail over config for the device.
I would like traffic to balance over both ADSL lines and if one goes down not to interrupt connectivity.
I had a look at ppp multilink but I am unsure our ISP (BT) support this?
This is my current config which I think only one ADSL line is being used. Some input would be appreciated
Robbie
! Last configuration change at 13:18:34 UTC Tue Mar 29 2011
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname xxxxxx
boot-start-marker
boot-end-marker
no logging buffered
enable secret 5 xxxxx
enable password xxxx
no aaa new-model
no ipv6 cef
ip source-route
ip cef
ip name-server 194.74.65.68
ip name-server 194.72.0.114
multilink bundle-name authenticated
crypto pki trustpoint TP-self-signed-xxxxxx
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-xxxxx0
revocation-check none
rsakeypair TP-self-signed-xxxxx!
crypto pki certificate chain TP-self-signed-xxxxxx
certificate self-signed 02 nvram:IOS-Self-Sig#4.cer
license udi pid CISCO1921/K9 xxxxx
username admin privilege 15 secret 5 xxxxxxxxxx/
interface GigabitEthernet0/0
description lan$ETH-LAN$
ip address 10.0.8.1 255.255.248.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
interface ATM0/0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no atm ilmi-keepalive
dsl operating-mode adsl2
interface ATM0/0/0.1 point-to-point
description $ES_WAN$$FW_OUTSIDE$
ip flow ingress
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
interface ATM0/1/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no atm ilmi-keepalive
dsl operating-mode adsl2
interface ATM0/1/0.1 point-to-point
description $ES_WAN$$FW_OUTSIDE$
ip flow ingress
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
interface Dialer0
mtu 1483
ip address negotiated
ip access-group spalding in
ip access-group spalding out
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap callin
ppp chap hostname xxxxx
ppp chap password 0 xxxxx
ppp multilink
ppp multilink links minimum 2
ppp multilink fragment disable
ppp timeout multilink link add 2
no cdp enable
interface Dialer1
mtu 1483
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap callin
ppp chap hostname xxxxx
ppp chap password 0 xxxxx
ppp link reorders
ppp multilink
ppp multilink links minimum 2
ppp multilink fragment disable
ppp timeout multilink link add 2
no cdp enable
ip forward-protocol nd
no ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 10.0.15.201 3389 interface Dialer0 3389
ip nat outside source static tcp 195.194.75.218 3389 10.0.15.200 3389 extendable
ip route 0.0.0.0 0.0.0.0 Dialer0
access-list 1 remark INSIDE_IF=GigabitEthernet0/0
access-list 1 permit 10.0.0.0 0.254.255.255
dialer-list 1 protocol ip permit
control-plane
line con 0
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
line vty 5 15
privilege level 15
login local
transport input telnet ssh
scheduler allocate 20000 1000
endHi,
Can anyone help me with this config? not very reliable.
Building configuration...
Current configuration : 17349 bytes
! Last configuration change at 06:08:06 UTC Sun Apr 5 2015 by Shawn
version 15.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
hostname Router
boot-start-marker
boot system flash0:c2900-universalk9-mz.SPA.154-3.M2.bin
boot-end-marker
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200
logging console critical
enable secret 5 $1$sNeA$GB6.SMrcsxPf51tK2Eo9Z.
aaa new-model
aaa authentication login local_authen local
aaa authorization exec local_author local
aaa session-id common
no ip source-route
ip port-map user-protocol--8 port udp 3392
ip port-map user-protocol--9 port tcp 3397
ip port-map user-protocol--2 port udp 3391
ip port-map user-protocol--3 port tcp 14000
ip port-map user-protocol--1 port tcp 3391
ip port-map user-protocol--6 port udp 3394
ip port-map user-protocol--7 port tcp 3392
ip port-map user-protocol--4 port udp 14100
ip port-map user-protocol--5 port tcp 3394
ip port-map user-protocol--10 port udp 3397
ip dhcp excluded-address 192.168.1.1 192.168.1.49
ip dhcp excluded-address 192.168.10.1 192.168.10.49
ip dhcp pool DHCP_POOL1
import all
network 192.168.1.0 255.255.255.0
dns-server 139.130.4.4 203.50.2.71
default-router 192.168.1.1
lease infinite
ip dhcp pool ccp-pool1
import all
network 192.168.10.0 255.255.255.0
dns-server 139.130.4.4 203.50.2.71
default-router 192.168.10.1
lease infinite
no ip bootp server
ip host SHAWN-PC 192.168.1.10
ip host DIAG 192.168.1.5
ip host MSERV 192.168.1.13
ip name-server 139.130.4.4
ip name-server 203.50.2.71
ip cef
ip cef load-sharing algorithm include-ports source destination
no ipv6 cef
multilink bundle-name authenticated
cts logging verbose
crypto pki trustpoint TP-self-signed-1982477479
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1982477479
revocation-check none
rsakeypair TP-self-signed-1982477479
license udi pid
license boot module c2900 technology-package securityk9
license boot module c2900 technology-package datak9
redundancy
controller VDSL 0/0/0
operating mode adsl2+
controller VDSL 0/1/0
operating mode adsl2+
no cdp run
track timer interface 5
track 1 interface Dialer0 ip routing
delay down 15 up 10
track 2 interface Dialer1 ip routing
delay down 15 up 10
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
class-map type inspect match-all sdm-nat-user-protocol--7-1
match access-group 104
match protocol user-protocol--7
match access-group 102
class-map type inspect match-all sdm-nat-user-protocol--4-2
match access-group 101
match protocol user-protocol--4
class-map type inspect match-all sdm-nat-user-protocol--6-1
match access-group 103
match protocol user-protocol--6
class-map type inspect match-all sdm-nat-user-protocol--5-1
match access-group 103
match protocol user-protocol--5
class-map type inspect match-all sdm-nat-user-protocol--4-1
match access-group 102
match protocol user-protocol--4
class-map type inspect match-all sdm-nat-user-protocol--7-2
match access-group 101
match protocol user-protocol--7
class-map type inspect match-all sdm-nat-user-protocol--3-1
match access-group 102
match protocol user-protocol--3
class-map type inspect match-all sdm-nat-user-protocol--2-1
match access-group 101
match protocol user-protocol--2
class-map type inspect match-all sdm-nat-user-protocol--1-2
match access-group 102
match protocol user-protocol--1
class-map type inspect match-all sdm-nat-user-protocol--1-1
match access-group 101
match protocol user-protocol--1
class-map type inspect match-all sdm-nat-user-protocol--2-2
match access-group 102
match protocol user-protocol--2
class-map type inspect match-all sdm-nat-user-protocol--3-2
match access-group 101
match protocol user-protocol--3
class-map type inspect match-all sdm-nat-user-protocol--8-2
match access-group 101
match protocol user-protocol--8
class-map type inspect match-all sdm-nat-user-protocol--9-2
match access-group 104
match protocol user-protocol--9
class-map type inspect match-any ccp-skinny-inspect
match protocol skinny
class-map type inspect match-all sdm-nat-user-protocol--9-1
match access-group 101
match protocol user-protocol--9
match access-group 104
class-map type inspect match-all sdm-nat-user-protocol--8-1
match access-group 104
match protocol user-protocol--8
match access-group 102
class-map type inspect match-any ccp-h323nxg-inspect
match protocol h323-nxg
class-map type inspect match-any ccp-cls-icmp-access
match protocol icmp
match protocol tcp
match protocol udp
class-map type inspect match-all sdm-nat-user-protocol--10-2
match access-group 104
match protocol user-protocol--10
class-map type inspect match-all sdm-nat-user-protocol--10-1
match access-group 101
match protocol user-protocol--10
match access-group 104
class-map type inspect match-any ccp-h225ras-inspect
match protocol h225ras
class-map type inspect match-any ccp-h323annexe-inspect
match protocol h323-annexe
class-map type inspect match-any ccp-cls-insp-traffic
match protocol pptp
match protocol dns
match protocol ftp
match protocol https
match protocol icmp
match protocol imap
match protocol pop3
match protocol netshow
match protocol shell
match protocol realmedia
match protocol rtsp
match protocol smtp
match protocol sql-net
match protocol streamworks
match protocol tftp
match protocol vdolive
match protocol tcp
match protocol udp
class-map type inspect match-all SDM_GRE
match access-group name SDM_GRE
class-map type inspect match-any ccp-h323-inspect
match protocol h323
class-map type inspect match-all ccp-invalid-src
match access-group 100
class-map type inspect match-any ccp-sip-inspect
match protocol sip
class-map type inspect match-all ccp-protocol-http
match protocol http
class-map type inspect match-any CCP_PPTP
match class-map SDM_GRE
class-map type inspect match-all ccp-insp-traffic
match class-map ccp-cls-insp-traffic
class-map type inspect match-all ccp-icmp-access
match class-map ccp-cls-icmp-access
policy-map type inspect ccp-inspect
class type inspect ccp-invalid-src
drop log
class type inspect ccp-protocol-http
inspect
class type inspect ccp-insp-traffic
inspect
class type inspect ccp-sip-inspect
inspect
class type inspect ccp-h323-inspect
inspect
class type inspect ccp-h323annexe-inspect
inspect
class type inspect ccp-h225ras-inspect
inspect
class type inspect ccp-h323nxg-inspect
inspect
class type inspect ccp-skinny-inspect
inspect
class class-default
drop
policy-map type inspect sdm-pol-NATOutsideToInside-1
class type inspect sdm-nat-user-protocol--1-1
inspect
class type inspect sdm-nat-user-protocol--2-1
inspect
class type inspect sdm-nat-user-protocol--3-1
inspect
class type inspect sdm-nat-user-protocol--4-1
inspect
class type inspect sdm-nat-user-protocol--5-1
inspect
class type inspect sdm-nat-user-protocol--6-1
inspect
class type inspect sdm-nat-user-protocol--7-1
inspect
class type inspect sdm-nat-user-protocol--8-1
inspect
class type inspect sdm-nat-user-protocol--9-1
inspect
class type inspect sdm-nat-user-protocol--10-1
inspect
class type inspect CCP_PPTP
pass
class type inspect sdm-nat-user-protocol--7-2
inspect
class type inspect sdm-nat-user-protocol--8-2
inspect
class type inspect sdm-nat-user-protocol--1-2
inspect
class type inspect sdm-nat-user-protocol--2-2
inspect
class type inspect sdm-nat-user-protocol--9-2
inspect
class type inspect sdm-nat-user-protocol--10-2
inspect
class type inspect sdm-nat-user-protocol--3-2
inspect
class type inspect sdm-nat-user-protocol--4-2
inspect
class class-default
drop log
policy-map type inspect ccp-permit
class class-default
drop
policy-map type inspect ccp-permit-icmpreply
class type inspect ccp-icmp-access
inspect
class class-default
pass
zone security in-zone
zone security out-zone
zone-pair security ccp-zp-self-out source self destination out-zone
service-policy type inspect ccp-permit-icmpreply
zone-pair security ccp-zp-in-out source in-zone destination out-zone
service-policy type inspect ccp-inspect
zone-pair security ccp-zp-out-self source out-zone destination self
service-policy type inspect ccp-permit
zone-pair security sdm-zp-NATOutsideToInside-1 source out-zone destination in-zone
service-policy type inspect sdm-pol-NATOutsideToInside-1
interface Null0
no ip unreachables
interface Embedded-Service-Engine0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
interface GigabitEthernet0/0
description $ETH-LAN$
ip address 192.168.10.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
duplex auto
speed auto
no mop enabled
interface GigabitEthernet0/1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
duplex auto
speed auto
no mop enabled
interface ATM0/0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no atm ilmi-keepalive
interface ATM0/0/0.1 point-to-point
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
interface ATM0/0/0.2 point-to-point
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
interface Ethernet0/0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
no mop enabled
interface ATM0/1/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no atm ilmi-keepalive
interface ATM0/1/0.1 point-to-point
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 2
interface Ethernet0/1/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
no mop enabled
interface GigabitEthernet0/3/0
no ip address
interface GigabitEthernet0/3/1
no ip address
interface GigabitEthernet0/3/2
no ip address
interface GigabitEthernet0/3/3
no ip address
interface GigabitEthernet0/3/4
no ip address
interface GigabitEthernet0/3/5
no ip address
interface GigabitEthernet0/3/6
no ip address
interface GigabitEthernet0/3/7
no ip address
interface Vlan1
description $FW_INSIDE$
ip address 192.168.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip nat inside
ip virtual-reassembly in
zone-member security in-zone
interface Dialer0
description $FW_OUTSIDE$
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip nat outside
ip virtual-reassembly in
zone-member security out-zone
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname [email protected]
ppp chap password 7 1444405858557A
ppp pap sent-username [email protected] password 7 135645415F5D54
ppp multilink
interface Dialer1
description $FW_OUTSIDE$
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip nat outside
ip virtual-reassembly in
zone-member security out-zone
encapsulation ppp
dialer pool 2
dialer-group 2
ppp authentication chap pap callin
ppp chap hostname [email protected]
ppp chap password 7 01475E540E5D55
ppp pap sent-username [email protected] password 7 055F5E5F741A1D
ppp multilink
router eigrp as#
router eigrp 10
network 192.168.1.1 0.0.0.0
router rip
version 2
network 192.168.1.0
no auto-summary
ip forward-protocol nd
ip http server
ip http access-class 3
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip dns server
ip nat inside source static tcp 192.168.1.10 3392 interface Dialer1 3392
ip nat inside source static udp 192.168.1.10 3392 interface Dialer1 3392
ip nat inside source static tcp 192.168.1.35 3391 interface Dialer0 3391
ip nat inside source static udp 192.168.1.35 3391 interface Dialer0 3391
ip nat inside source static tcp 192.168.1.5 3394 interface Dialer0 3394
ip nat inside source static udp 192.168.1.5 3394 interface Dialer0 3394
ip nat inside source static tcp 192.168.1.17 3397 interface Dialer0 3397
ip nat inside source static udp 192.168.1.17 3397 interface Dialer0 3397
ip nat inside source static tcp 192.168.1.10 14000 interface Dialer0 14000
ip nat inside source static udp 192.168.1.10 14100 interface Dialer0 14100
ip nat inside source route-map ADSL0 interface Dialer0 overload
ip nat inside source route-map ADSL1 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer0 track 1
ip route 0.0.0.0 0.0.0.0 Dialer1 track 2
ip access-list extended NAT
remark CCP_ACL Category=18
permit ip 192.0.0.0 0.255.255.255 any
ip access-list extended SDM_GRE
remark CCP_ACL Category=1
permit gre any any
remark CCP_ACL Category=1
ip access-list extended STATIC-NAT-SERVICES
permit ip host 192.168.1.35 any
permit ip host 192.168.1.5 any
permit ip host 192.168.1.10 any
permit ip host 192.168.1.17 any
dialer-list 1 protocol ip permit
dialer-list 2 protocol ip permit
route-map ADSL0 permit 10
match ip address NAT
match interface Dialer0
route-map ADSL1 permit 10
match ip address NAT
match interface Dialer1
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 remark HTTP Access-class list
access-list 2 remark CCP_ACL Category=1
access-list 2 permit 192.168.1.0 0.0.0.255
access-list 2 deny any
access-list 2 remark HTTP Access-class list
access-list 2 remark CCP_ACL Category=1
access-list 3 remark HTTP Access-class list
access-list 3 remark CCP_ACL Category=1
access-list 3 permit 192.168.1.0 0.0.0.255
access-list 3 deny any
access-list 10 remark INSIDE_IF=NAT
access-list 10 remark CCP_ACL Category=2
access-list 10 permit 192.168.1.0 0.0.0.255
access-list 100 remark CCP_ACL Category=128
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip 139.130.227.0 0.0.0.255 any
access-list 100 permit ip 203.45.106.0 0.0.0.255 any
access-list 101 remark CCP_ACL Category=0
access-list 101 permit ip any host 192.168.1.10
access-list 101 remark CCP_ACL Category=0
access-list 101 permit ip any host 192.168.1.35
access-list 101 permit tcp any any eq www
access-list 102 remark CCP_ACL Category=0
access-list 102 permit ip any host 192.168.1.35
access-list 102 remark CCP_ACL Category=0
access-list 102 permit ip any host 192.168.1.10
access-list 103 remark CCP_ACL Category=0
access-list 103 permit ip any host 192.168.1.5
access-list 104 remark CCP_ACL Category=0
access-list 104 permit ip any host 192.168.1.17
control-plane
banner login ^CCE-Rescue Systems^C
line con 0
login authentication local_authen
transport output telnet
line aux 0
login authentication local_authen
transport output telnet
line 2
no activation-character
no exec
transport preferred none
transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
authorization exec local_author
login authentication local_authen
transport input telnet ssh
line vty 5 15
authorization exec local_author
login authentication local_authen
transport input telnet ssh
scheduler allocate 20000 1000
end
Thanks
Shawn -
Does rip version 2 also use the wild card mask in a classless situation?
I figured it out. When I configur "no auto-summary" on each router it behaves nicely with per packet load balancing. I guess I needed to get rid of the summarized routes listing /24 for my VLSMed 4.0 4.4 /30 networks.
Thanks -
Error while selecting Load Balancing in JCO creation
While creating JCO i am facing this error.It is working fine with Single server connection,but when i chose Load balancing i error comes out.Please tell me the solution.
I have read couples of forum mentioned you need to start both Portal and ECC.
For you information my Portal and Java are both on diffrrent Box.
com.sap.mw.jco.JCO$Exception: (102) RFC_ERROR_COMMUNICATION: Connect to message server host failed Connect_PM TYPE=B MSHOST=olameccpdvr GROUP=PUBLIC R3NAME=DVR MSSERV=sapmsDVR PCS=1 LOCATION CPIC (TCP/IP) on local host with Unicode ERROR service 'sapmsDVR' unknown TIME Thu Feb 24 12:19:54 201 RELEASE 701 COMPONENT NI (network interface) VERSION 38 RC -3 MODULE nixxhsl.cpp LINE 776 DETAIL NiHsLGetServNo: service name cached as unknown COUNTER 5Is your backend system configured correctly in your SLD ?
Go to transaction SMMS on your backend system that your are connecting to. Click on Goto=>Parameters=>Display. Look for "server port" value.
This should give you the TCP/IP port for your message server. It could be 3600 or 3601 (36NN - where NN is the instance number).
In your services file, if you made the entry at the end of the file, press Enter (Return) after your entry.
Try restarting your server after making the above changes.
- Shanti -
Error in creation of JCO with Load balancing server
Hi,
We are using a ABAP user base for our WEBAS server 6.40 (with ABAP+JAVA). i have created a Public group in concerned ECC 5.0 system. I have already configured SLD, and then i maintain data supplier bridge in SLD and run RZ70 in ECC 5.0 system to load system information.. i can see details in SLD ..
now i am trying to create JCO connections .. here i am unable to create JCO with load balancing option.. i get
com.sap.mw.jco.JCO$Exception: (102) RFC_ERROR_COMMUNICATION: Connect to message server host failed Connect_PM TYPE=B MSHOST=<servername> GROUP=PUBLIC R3NAME=SID MSSERV=sapms<SID> PCS=1 ERROR service 'sapms<SID>' unknown TIME Fri Jun 16 12:41:20 2006 RELEASE 640 COMPONENT NI (network interface) VERSION 37 RC -3 MODULE ninti.c LINE 505 DETAIL NiPGetServByName2: service 'sapms<SID>' not found SYSTEM CALL getservbyname_r COUNTER 1
i am able to create single server JCO, but it fails in load balancing.. is there anything i have missed out in settings...
Thanks and regards,
SudhirThanks, Bogdan Rokosa
I have the same problem,and solved it following the steps provided by Bogdan Rokosa :
you must insert an entry for your R3 system
(like: sapms<SID> 3600/tcp)
in services file
(C:\WINDOWS\system32\drivers\etc\services) on Java WAS.
I test the Jco successful without restart J2EE Engine. -
How to use the Load Balancer Plug-in to serve multiple domains
In SJSAS8.1 SE/EE the asadmin commands that create and maintain a load balancer configuration operate within a domain. When the load balancer configuration is exported an xml file is created that contains all the information for that domain. To make the load balancer plug-in balance the load for multiple domains, the loadbalancer.xml files can be manually merged to conatin the data that is exported from each domain's load balancer configuration.
For example, 2 domains are created, both having a load balancing configuration. After exporting both configurations using the asadmin export-http-lb-config command, the user would then cut and past the cluster information into the single loadbalancer.xml file that resides under the web server's config directory.
An example of the manually merged loadbalancer.xml file follows:
<?xml version="1.0" encoding="UTF-8"?>
<loadbalancer>
<cluster name="domain1">
<instance disable-timeout-in-minutes="30" enabled="true" listeners="http://localhost:1026 https://localhost:38181" name="i1"/>
<instance disable-timeout-in-minutes="30" enabled="true" listeners="http://localhost:1027 https://localhost:38182" name="i2"/>
<web-module context-root="ab" disable-timeout-in-minutes="30" enabled="true"/>
<health-checker interval-in-seconds="5" timeout-in-seconds="60" url="/"/>
</cluster>
<cluster name="domain2">
<instance disable-timeout-in-minutes="30" enabled="true" listeners="http://localhost:1029 https://localhost:38189" name="i3"/>
<instance disable-timeout-in-minutes="30" enabled="true" listeners="http://localhost:1030 https://localhost:38188" name="i4"/>
<web-module context-root="webservice" disable-timeout-in-minutes="30" enabled="true"/>
<health-checker interval-in-seconds="5" timeout-in-seconds="60" url="/"/>
</cluster>
<property name="response-timeout-in-seconds" value="60"/>
<property name="reload-poll-interval-in-seconds" value="5"/>
<property name="https-routing" value="false"/>
<property name="require-monitor-data" value="false"/>
<property name="route-cookie-enabled" value="true"/>
</loadbalancer>
Hope this helps - MarkMark, be my savior, I work for SUN as subcontractor at client site. the only one at site ...so I depend on this forum for solutions........
still having trouble failingover to second instance. I have two AccessManagers behind this loadbalancer.
Here is what I saw......
**************LOGS**********************
[20/Jun/2005:14:22:47] failure (15102): for host 128.114.65.13 trying to GET /amconsole/base/AMA
dminFrame, service-passthrough reports: timed out waiting for request body
[20/Jun/2005:14:22:47] warning (15102): reports: lb.runtime: ROUT1014: Non-idempotent request /
amconsole/base/AMAdminFrame cannot be retried.
So I went and updated the loadbalancer.xml (see at the end of the msg). Now I get a different kind of problem...
**************LOGS******************************
[20/Jun/2005:15:25:18] failure (15295): for host 128.114.65.13 trying to GET /amconsole/base/AMA
dminFrame, service-passthrough reports: timed out waiting for request body
[20/Jun/2005:15:25:18] info (15295): reports: lb.runtime: RNTM3003 : Error servicing the request : NoVal
Here is my loadbalancer.xml file...
<loadbalancer>
<cluster name="cluster1">
<instance name="instance1" enabled="true" disable-timeout-in-minutes="1" listeners="http://idm-test-1.ucsc.
edu:80 "/>
<instance name="instance2" enabled="true" disable-timeout-in-minutes="1" listeners="http://idm-test-2.ucsc.
edu:80 "/>
<web-module context-root="amconsole" disable-timeout-in-minutes="1" enabled="true" error-url="sun-http-lber
ror.html" >
<idempotent-url-pattern url-pattern="/*" no-of-retries="3" />
</web-module>
<web-module context-root="amserver" disable-timeout-in-minutes="1" enabled="true" error-url="sun-http-lberr
or.html" >
<idempotent-url-pattern url-pattern="/*" no-of-retries="3" />
</web-module>
<web-module context-root="ampassword" disable-timeout-in-minutes="1" enabled="true" error-url="sun-http-lb
error.html" />
<web-module context-root="amcommon" disable-timeout-in-minutes="1" enabled="true" error-url="sun-http-lberr
or.html" >
<idempotent-url-pattern url-pattern="/*" no-of-retries="3" />
</web-module>
<health-checker url="/" interval-in-seconds="15" timeout-in-seconds="2" />
</cluster>
<property name="reload-poll-interval-in-seconds" value="60"/>
<property name="response-timeout-in-seconds" value="30"/>
<property name="https-routing" value="false"/>
<property name="require-monitor-data" value="true"/>
<property name="active-healthcheck-enabled" value="true"/>
<property name="number-healthcheck-retries" value="3"/>
<property name="route-cookie-enabled" value="true" />
</loadbalancer>
************************************************************** -
Load balance not happening in BGP
Dear Friends,
As per I know local BGP process may implement equal-cost load-balancing to the paths that:
Have the same set of path attributes up to the MED (weight, Local Preference, Origin, MED)
Are of the same type (both learned via iBGP or eBGP)
Have the same IGP cost to reach their NEXT_HOP IP address
If the above conditions are met andmaximum-paths [ibgp]is configured under the BGP process, BGP will install multiple equal-cost routes into the local RIB and use them for load-balancing. We call the above condition as load-balancing conditions for BGP.
As all the above criteria are matched still BGP is not doing load balance. Please find below routing table:
R1:
R1#sh ip bgp
BGP table version is 4, local router ID is 40.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i192.168.1.0 20.1.1.2 0 100 0 i
* i 30.1.1.1 0 100 0 i
R1#sh ip route
Gateway of last resort is not set
20.0.0.0/24 is subnetted, 1 subnets
R 20.1.1.0 [120/1] via 10.1.1.2, 00:00:03, FastEthernet0/0
40.0.0.0/24 is subnetted, 1 subnets
C 40.1.1.0 is directly connected, FastEthernet0/1
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, FastEthernet0/0
B 192.168.1.0/24 [200/0] via 20.1.1.2, 00:12:01
30.0.0.0/24 is subnetted, 1 subnets
R 30.1.1.0 [120/1] via 40.1.1.2, 00:00:15, FastEthernet0/1
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 10.1.1.2 remote-as 100
neighbor 40.1.1.2 remote-as 100
maximum-paths 2
no auto-summary
Please help....!!!!!!! why BGP is not load balancing here????
R1#traceroute 192.168.1.1
Type escape sequence to abort.
Tracing the route to 192.168.1.1
1 10.1.1.2 88 msec 60 msec 28 msec
2 20.1.1.2 104 msec 56 msec 120 msec
Regards,
SanjibDear Jon,
Thank you so much.
When I changed the configuration BGP is now loadbalancing. But in configuartion Max-path showing as 1 instead of 2.
R1#sh ip pro | sec bgp
Routing Protocol is "bgp 100"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
IGP synchronization is disabled
Automatic route summarization is disabled
Neighbor(s):
Address FiltIn FiltOut DistIn DistOut Weight RouteMap
12.1.1.2
13.1.1.3
Maximum path: 1
Routing Information Sources:
Gateway Distance Last Update
13.1.1.3 200 00:01:12
12.1.1.2 200 00:02:15
Distance: external 20 internal 200 local 200
Regards,
Sanjib -
Scenario breakdown :
I have two app servers on hand version 6 (App1) and (App2) and a singular web server - IWS 4.1(Web1).
Solution thus far :
I have chosen to use App2 as the Sync Primary and App1 as the Backup. Created a new cluster "mohrelxcluster" in kregedit and created two entries at location Clusters\mohrelxcluster\SyncServers to include both servers at port 10818(kxs). I have futher setup round robin polling under CCS0\LoadDb. I set the following values under CCS0\LoadDb\ServerWeights:
- ipaddressApp1:10818=50
- ipaddressApp2:10818=50
Finally, created the needed entry under CCS0\ClusterName:
-mohrelxcluster=0
Upon doing so, I started both servers according to order of precedence App2 first then App1.
Log Findings :
As anticipated, according to the kxs log files on both machines shows the broadcasting and processing of information between Sync Primary and Backup. (indicated by the sending to and receiving from <ipaddressinhex:10818>).
In the iasdsync log file on App2(Sync Primary) - App2 has be recognized as Primary and App1 as backup.
Problem :
Upon starting up the ksvradmin interface, the following error is trigged : An error occured while reading in load balancing values server app1. Upon clicking on app1's icon and clicking on the cluster tab, the "mohrelxcluster" cannot be seen.
Many thanks for reviewing. Here's hoping some one can help
Regards
SathyaHI
Are you sharing single LDAP for these two application servers. If not, you have to create those cluster entries in two regitries (Kregedit). (both syncserver entries and clustername=0 entries)
If you are sharing single LDAP, the entries under SyncServers can be created once but you need to create ,
<clustername>=0 entry under CCSO\ClusterName in two registries.
Hope this helps.
-Srinivas -
Issue in setting Load balancing for Indesign Server CS5.5
Hi All,
I need to set up load balancing mechanism for Indesign Server CS5.5 on Windows Server 2008 R2(64 bit version).
I have dutifully following all steps defined in "WORKING WITH LOAD BALANCING AND QUEUEING FOR ADOBE INDESIGN CS5 SERVER.pdf"
After running Indesign server using batch file "startup-indesign-server-CORBA-4instances.bat" from "<ID_SDK>\samples\load-balancing-and-queuing-clients\indesignserver-startup-scripts", I get only one instance of Indesign Server running. How to run multiple instances of the INDD server ? Is running multiple instance has something to do with type of licensing ?
Now I run Clover.cmd script, I get this screen. I have no idea why its not working. Please help. Please let me know, if the scenario is not clear and more information is required.
Thnx,
DThis is the image after running clover.bat
-
How can I support a health check, from a load balancer?
My company has load balancers which use health checks to determine if the end point is available for client traffic. The basic health check is a tcp ping, and will tell you if the device is on the network. The next level of health check is an http request. This request, and the response are static, you can’t create your own version of the request and response. The standard request is this:
http://host:port/healthcheck/hc.html
The standard response is this:
“The server is available”
I want to use the load balancer as part of my total deployment. The problem is that I am not seeing how to support this health check request and response in the MDEX engine. What I see is this request
http://host:port/admin?op=ping
Will return this response
dgraph <host>: <port> responding at <day month year time>
It is nice that there is a built in ping, but I am not able to make use of it. I am new to Endeca and still poking around. The dgraph process listens on a port set up in <…>/config/script/AppContext.xml
<dgraph id="Dgraph1" host-id="MDEXHost" port="3281">
<properties>
<property name="restartGroup" value="A" />
<property name="updateGroup" value="a" />
</properties>
<log-dir>./logs/dgraphs/Dgraph1</log-dir>
<input-dir>./data/dgraphs/Dgraph1/dgraph_input</input-dir>
<update-dir>./data/dgraphs/Dgraph1/dgraph_input/updates</update-dir>
</dgraph>
(I am not using the default port, as I only have an instance on a shared server and have to worry about port clashing. But that is a different thread.)
In a standard tc Server install I can support this health check by doing this:
* Create a directory named “healthcheck”, in the “webapps” directory.
* Place a file name “hc.html” in that directory, which contains “The server is available”
The one hack which comes to mind is to write a servlet which would be able to be a smart proxy for the load balancer health check. It would pass along any regular traffic to the MDEX engine. But if the request was a health check it would send “admin?op=ping” to the MDEX engine, and for a good response from the engine, create and pass back the correct response to the load balancer.
Ideas, comments, flames, …
ThanksHi, we are using following String to test the MDEX ping response but we get the invalid version formation on dgraph.log -
following is on F5
GET /admin?op=ping HTTP/1.1/r/nHost:myhost.endeca.com:19000/r/nConnection:close/r/n/r/n
Following gets logged on Dgraph.log
WARN 09/05/12 05:30:03.799 UTC (1346823003799) DGRAPH {dgraph} Invalid version format in 'HTTP/1.1/r/nHost:myhost.endeca.com:19000/r/nConnection:close/r/n/r/n'
Please let me know - if you have any suggestions to solve this issue.
I know that it works from browser and wget from unix with following commands.
wget http://myhost.endeca.com:19000/admin?op=ping - from unix command line
from browser:
http://myhost.endeca.com:19000/admin?op=ping
Thanks,
Ram -
Disable load balancing on dual PRIs - 3640 with MICA modems for dial out
We have a custom application that connects through reverse telnet to a Cisco 3640 that has 2 NM-24DM modules and 2 PRIs connected to it. Currently all outgoing calls are getting load balanced over the two PRIs. I need to change that so that all calls go over the first PRI and when all channels are used up, it starts using the second PRI. Seems like a simple enough thing to do but I can't figure out how to.
Here is my config
Current configuration : 1401 bytes
version 12.4
service timestamps debug uptime
service timestamps log uptime
service password-encryption
hostname DIALOUT01
boot-start-marker
boot-end-marker
enable secret 5 xxxxxxx
no aaa new-model
clock timezone EST -5
clock summer-time EDT recurring
no ip routing
no ip cef
no ip domain lookup
ip domain name xxxxxxx.xxx
isdn switch-type primary-ni
controller T1 0/0
framing esf
linecode b8zs
pri-group timeslots 1-24
description xxxx
controller T1 0/1
framing esf
linecode b8zs
pri-group timeslots 1-24
description xxxx
interface FastEthernet0/0
ip address dhcp hostname dialout01
no ip route-cache
no ip mroute-cache
duplex auto
speed auto
interface Serial0/0:23
no ip address
encapsulation hdlc
isdn switch-type primary-ni
no fair-queue
no cdp enable
interface Serial0/1:23
no ip address
encapsulation hdlc
isdn switch-type primary-ni
no fair-queue
no cdp enable
no ip http server
control-plane
line con 0
line 33 56
modem InOut
modem autoconfigure type mica
transport preferred telnet
transport input telnet
transport output telnet
line 65 88
modem InOut
modem autoconfigure type mica
transport preferred telnet
transport input telnet
transport output telnet
line aux 0
line vty 0 4
password 7 xxxxx login
end
Thanks,
ShahidIf I understand the question I think that isdn bchan-number-order is the command you are interested in. I think it detaults to round-robin, sounds like you want ascending (that is isdn bchan-number-order ascending). It is an interface subcommand.
See http://www.cisco.com/en/US/docs/ios/12_3t/12_3t2/feature/guide/gt_ibcac.html#wp1055853
That may only apply to native ISDN calls and not MICA based calls, but see if that helps. -
Load Balancing Directory Servers with Access Manager - Simple questions
Hi.
We are in the process of configuring 2 Access Manager instances (servers) accessing the same logical LDAP repository (comprising physically of two Directory Servers working together with Multi-Master Replication configured and tested) For doing this, we are following guide number 819-6258.
The guide uses BigIP load balancer for load balancing the directory servers. However, we intend to use Directory Proxy Server. Since we faced some (unresolved) issues last time that we used DPS, there are some simple questions that I would be very grateful to have answers to:
1. The guide, in section 3.2.10 (To configure Access Manager 1 with the Directory Server load balancer), talks about making changes at 4 places, and replacing the existing entry (hostname and port) with the load balancer's hostname and port (assuming that the load balancer has already been configured). It says that changes need not be made on Access Manager 2 since the LDAPs are in replication, and hence changes will be replicated at all places. However, the guide also states that changes have to be made in two files, namely AMConfig.properties, and the serverconfig.xml file. But these changes will not be reflected on Access Manager 2, since these files are local on each machine.
Question 1. Do changes have to be made in AMConfig.properties and serverconfig.xml files on the other machine hosting Access Manager 2?
Question 2: What is the purpose of putting these values here? Specifically, what is achieved by specifying the Directory server host and port in AMConfig.properties, as well as in serverconfig.xml?
Question 3. In the HTTP console, there is the option of specifying multiple primary LDAP servers, as well as multiple secondary LDAP servers. What is the purpose of these? Are secondary servers attempted when none of the list in the primary list are accessible? Also, if there are multiple entries in the primary server list, are they accessed in a round robin fashion (hereby providing rudimentary load balancing), or are other servers accessed only when the one mentioned first is not reachable etc.?
2. Since I do not have a load balancer setup yet, I tried the following deviation to the above, which, according to me, should have worked. If viewed in the HTTP console, LDAP / Membership / MSISDN and Policy configuration all pointed to the DS on host 1. When I changed all these to point to the directory server on host 2 (and made AMConfig.properties and serverconfig.xml on host 1 point to DS of host 2 as well), things should have worked fine, but apparently Access manager 1 could not be started. Error from Webserver:
[14/Aug/2006:04:30:36] info (13937): WEB0100: Loading web module in virtual server [https-machine_1_FQDN] at [search]
[14/Aug/2006:04:31:48] warning (13937): CORE3283: stderr: Exception in thread "EventService" java.lang.ExceptionInInitializerError
[14/Aug/2006:04:31:48] warning (13937): CORE3283: stderr: at com.iplanet.services.ldap.event.EventServicePolling.run(EventServicePolling.java:132)
[14/Aug/2006:04:31:48] warning (13937): CORE3283: stderr: at java.lang.Thread.run(Thread.java:595)
[14/Aug/2006:04:31:48] warning (13937): CORE3283: stderr: Caused by: java.lang.InterruptedException
[14/Aug/2006:04:31:48] warning (13937): CORE3283: stderr: at com.sun.identity.sm.ServiceManager.<clinit>(ServiceManager.java:74)
[14/Aug/2006:04:31:48] warning (13937): CORE3283: stderr: ... 2 more
In effect, AM on 1 did not start. On rolling back the changes, things again worked like previously.
Will be really grateful for any help / insight / experience on dealing with the above.
Thanks!Update to the above, incase anyone is reading:
We setup a similar setup in Windows, and it worked. Here is a detailed account of what was done:
1. Host 1: Start installer, install automatically, chose Directory server, Directory Administration server, Directory Proxy server, Web server, Access Manager.
All installed, and worked fine. (AMConfig.properties, serverconfig.xml, and the info in LDAP service, all pointed to HOST1:389)
2. Host 2: Start installer, install automatically, chose Directory server, Directory Administration server, Directory Proxy server, Web server, Access Manager.
All installed, and worked fine. (AMConfig.properties, serverconfig.xml, and the info in LDAP service, all pointed to HOST2:389)
3. Host 1: Started replication. Set to Master
4. Host 2: Started replication. Set to Master
5. Host 1: Setup replication agreement to Host 2
6. Host 2: Setup replication agreement to Host 1
7. Initiated the remote replica from Host 1 ----> Host 2
Note that since default installation uses abc.....xyz as the encryption key, setting this to same was not an issue.
9. Started webserver for Host 1 and logged into AM as amadmin.
10. Added Host 2 FQDN in DNS Aliases / Realms
11. Added http://HOST2_FQDN:80 in the Platform server (instance) list.
12. Started Host 2 webserver. Logged in AM on Host 2, things worked fine.
At this stage, note the following:
a) Host 1:
AMConfig.properties file has
com.iplanet.am.directory.host=host1_FQDN
and
com.iplanet.am.directory.port=389
serverconfig.xml has:
<Server name="Server1" host="host1_FQDN" port="389" type="SIMPLE" />
b) Host 2:
AMConfig.properties file has
com.iplanet.am.directory.host=host2_FQDN
and
com.iplanet.am.directory.port=389
serverconfig.xml has:
<Server name="Server1" host="host2_FQDN" port="389" type="SIMPLE" />
c) If one logs into AM, and checks LDAP servers for LDAP / Policy Configuration / Membership etc services, they all contain Host2_FQDN:389 (which makes sense, since replica 2 was initialized from 1)
Returning back to the configuations:
13. On Host 1, login into the Admin server console of the Directory server. Navigate to the DPS, and confgure the following:
a) Network Group
b) LDAP servers
c) Load Balancing
d) Change Group
e) Action on-bind
f) Allow all actions (permit modification / deletion etc.).
g) any other configuations required - Am willing to give detailed steps if someone needs them to help me / themselves! :)
So now, we have DPS configured and running on Host1:489, and distributing load to DS1 and DS2 on a 50:50 basis.
14. Now, log into AM on Host 1, and instead of Host1_fqdn:389 (for DS) in the following places, specify Host1_fqdn:489 (for the DPS)--
LDAP Authentication
MSISDN server
Membership Service
Policy configuation.
Verified that this propagated to the Policy Configuration service and the LDAP authentication service that are already registered with the default organization.
15. Log out of AM. Following the documentation, modify directory.host and directory.port in AMConfig.properties to point to Host 1_FQDN and 489 respectively. Make this change in AMConfig.properties of both Host 1 as well as 2.
16. Edit serverconfig.xml on both hosts, and instead of they pointing to their local directory servers, point both to host1_FQDN:489
17. When you start the webserver, it will refuse to start. Will spew errors such as:
[https-host1_FQDN]: Sun ONE Web Server 6.1SP5 B06/23/2005 17:36
[https-host1_FQDN]: info: CORE3016: daemon is running as super-user
[https-host1_FQDN]: info: CORE5076: Using [Java HotSpot(TM) Server VM, Version 1.5.0_04] from [Sun Microsystems Inc.]
[https-host1_FQDN]: info: WEB0100: Loading web module in virtual server [https-host1_FQDN] at [amserver]
[https-host1_FQDN]: warning: WEB6100: locale-charset-info is deprecated, please use parameter-encoding
[https-host1_FQDN]: info: WEB0100: Loading web module in virtual server [https-host1_FQDN] at [ampassword]
[https-host1_FQDN]: warning: WEB6100: locale-charset-info is deprecated, please use parameter-encoding
[https-host1_FQDN]: info: WEB0100: Loading web module in virtual server [https-host1_FQDN] at [amcommon]
[https-host1_FQDN]: info: WEB0100: Loading web module in virtual server [https-host1_FQDN] at [amconsole]
[https-host1_FQDN]: warning: WEB6100: locale-charset-info is deprecated, please use parameter-encoding
[https-host1_FQDN]: info: WEB0100: Loading web module in virtual server [https-host1_FQDN] at [search]
[https-host1_FQDN]: warning: CORE3283: stderr: netscape.ldap.LDAPException: error result (32); matchedDN = dc=sun,dc=com; No such object (DN changed)
[https-host1_FQDN]: warning: CORE3283: stderr: Got LDAPServiceException code=-1
[https-host1_FQDN]: warning: CORE3283: stderr: at com.iplanet.services.ldap.DSConfigMgr.getConnection(DSConfigMgr.java:357)
[https-host1_FQDN]: warning: CORE3283: stderr: at com.iplanet.services.ldap.DSConfigMgr.getNewFailoverConnection(DSConfigMgr.java:314)
[https-host1_FQDN]: warning: CORE3283: stderr: at com.iplanet.services.ldap.DSConfigMgr.getNewConnection(DSConfigMgr.java:253)
[https-host1_FQDN]: warning: CORE3283: stderr: at com.iplanet.services.ldap.DSConfigMgr.getNewProxyConnection(DSConfigMgr.java:184)
[https-host1_FQDN]: warning: CORE3283: stderr: at com.iplanet.services.ldap.DSConfigMgr.getNewProxyConnection(DSConfigMgr.java:194)
[https-host1_FQDN]: warning: CORE3283: stderr: at com.iplanet.ums.DataLayer.initLdapPool(DataLayer.java:1248)
[https-host1_FQDN]: warning: CORE3283: stderr: at com.iplanet.ums.DataLayer.(DataLayer.java:190)
[https-host1_FQDN]: warning: CORE3283: stderr: at com.iplanet.ums.DataLayer.getInstance(DataLayer.java:215)
[https-host1_FQDN]: warning: CORE3283: stderr: at com.iplanet.ums.DataLayer.getInstance(DataLayer.java:246)
[https-host1_FQDN]: warning: CORE3283: stderr: at com.sun.identity.sm.ldap.SMSLdapObject.initialize(SMSLdapObject.java:156)
[https-host1_FQDN]: warning: CORE3283: stderr: at com.sun.identity.sm.ldap.SMSLdapObject.(SMSLdapObject.java:124)
[https-host1_FQDN]: warning: CORE3283: stderr: at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
[https-host1_FQDN]: warning: CORE3283: stderr: at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
[https-host1_FQDN]: warning: CORE3283: stderr: at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
[https-host1_FQDN]: warning: CORE3283: stderr: at java.lang.reflect.Constructor.newInstance(Constructor.java:494)
[https-host1_FQDN]: warning: CORE3283: stderr: at java.lang.Class.newInstance0(Class.java:350)
[https-host1_FQDN]: warning: CORE3283: stderr: at java.lang.Class.newInstance(Class.java:303)
[https-host1_FQDN]: warning: CORE3283: stderr: at com.sun.identity.sm.SMSEntry.(SMSEntry.java:216)
[https-host1_FQDN]: warning: CORE3283: stderr: at com.sun.identity.sm.ServiceSchemaManager.(ServiceSchemaManager.java:67)
[https-host1_FQDN]: warning: CORE3283: stderr: at com.iplanet.am.util.AMClientDetector.getServiceSchemaManager(AMClientDetector.java:219)
[https-host1_FQDN]: warning: CORE3283: stderr: at com.iplanet.am.util.AMClientDetector.(AMClientDetector.java:94)
[https-host1_FQDN]: warning: CORE3283: stderr: at com.sun.mobile.filter.AMLController.init(AMLController.java:85)
[https-host1_FQDN]: warning: CORE3283: stderr: at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:262)
[https-host1_FQDN]: warning: CORE3283: stderr: at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:322)
[https-host1_FQDN]: warning: CORE3283: stderr: at org.apache.catalina.core.ApplicationFilterConfig.(ApplicationFilterConfig.java:120)
[https-host1_FQDN]: warning: CORE3283: stderr: at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:3271)
[https-host1_FQDN]: warning: CORE3283: stderr: at org.apache.catalina.core.StandardContext.start(StandardContext.java:3747)
[https-host1_FQDN]: warning: CORE3283: stderr: at com.iplanet.ias.web.WebModule.start(WebModule.java:251)
[https-host1_FQDN]: warning: CORE3283: stderr: at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1133)
[https-host1_FQDN]: warning: CORE3283: stderr: at org.apache.catalina.core.StandardHost.start(StandardHost.java:652)
[https-host1_FQDN]: warning: CORE3283: stderr: at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1133)
[https-host1_FQDN]: warning: CORE3283: stderr: at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:355)
[https-host1_FQDN]: warning: CORE3283: stderr: at org.apache.catalina.startup.Embedded.start(Embedded.java:995)
[https-host1_FQDN]: warning: CORE3283: stderr: at com.iplanet.ias.web.WebContainer.start(WebContainer.java:431)
[https-host1_FQDN]: warning: CORE3283: stderr: at com.iplanet.ias.web.WebContainer.startInstance(WebContainer.java:500)
[https-host1_FQDN]: warning: CORE3283: stderr: at com.iplanet.ias.server.J2EERunner.confPostInit(J2EERunner.java:161)
[https-host1_FQDN]: failure: WebModule[amserver]: WEB2783: Servlet /amserver threw load() exception
[https-host1_FQDN]: javax.servlet.ServletException: WEB2778: Servlet.init() for servlet LoginLogoutMapping threw exception
[https-host1_FQDN]: at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:949)
[https-host1_FQDN]: at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:813)
[https-host1_FQDN]: at org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:3478)
[https-host1_FQDN]: at org.apache.catalina.core.StandardContext.start(StandardContext.java:3760)
[https-host1_FQDN]: at com.iplanet.ias.web.WebModule.start(WebModule.java:251)
[https-host1_FQDN]: at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1133)
[https-host1_FQDN]: at org.apache.catalina.core.StandardHost.start(StandardHost.java:652)
[https-host1_FQDN]: at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1133)
[https-host1_FQDN]: at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:355)
[https-host1_FQDN]: at org.apache.catalina.startup.Embedded.start(Embedded.java:995)
[https-host1_FQDN]: at com.iplanet.ias.web.WebContainer.start(WebContainer.java:431)
[https-host1_FQDN]: at com.iplanet.ias.web.WebContainer.startInstance(WebContainer.java:500)
[https-host1_FQDN]: at com.iplanet.ias.server.J2EERunner.confPostInit(J2EERunner.java:161)
[https-host1_FQDN]: ----- Root Cause -----
[https-host1_FQDN]: java.lang.NullPointerException
[https-host1_FQDN]: at com.sun.identity.authentication.UI.LoginLogoutMapping.init(LoginLogoutMapping.java:71)
[https-host1_FQDN]: at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:921)
[https-host1_FQDN]: at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:813)
[https-host1_FQDN]: at org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:3478)
[https-host1_FQDN]: at org.apache.catalina.core.StandardContext.start(StandardContext.java:3760)
[https-host1_FQDN]: at com.iplanet.ias.web.WebModule.start(WebModule.java:251)
[https-host1_FQDN]: at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1133)
[https-host1_FQDN]: at org.apache.catalina.core.StandardHost.start(StandardHost.java:652)
[https-host1_FQDN]: at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1133)
[https-host1_FQDN]: at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:355)
[https-host1_FQDN]: at org.apache.catalina.startup.Embedded.start(Embedded.java:995)
[https-host1_FQDN]: at com.iplanet.ias.web.WebContainer.start(WebContainer.java:431)
[https-host1_FQDN]: at com.iplanet.ias.web.WebContainer.startInstance(WebContainer.java:500)
[https-host1_FQDN]: at com.iplanet.ias.server.J2EERunner.confPostInit(J2EERunner.java:161)
[https-host1_FQDN]:
[https-host1_FQDN]: info: HTTP3072: [LS ls1] http://host1_FQDN:58080 [i]ready to accept requests
[https-host1_FQDN]: startup: server started successfully
Success!
The server https-host1_FQDN has started up.
The server infact, didn't start up (nothing even listening on 58080).
However, if AMConfig.properties is left as it originally was, and only serverconfig.xml files were changed as mentioned above, web servers started fine, and things worked all okay. (Alright, except for some glitches when viewed in /amconsole. If /amserver/console is accessed, all is good. Can this mean that all is still not well? I am not sure).
So far so good. Now comes the sad part. When the same is done on Solaris 9, things dont work. You continue to get the above error, OR the following error, and the web server will refuse to start:
Differences in Solaris and Windows are as follows:
1. Windows hosts have 1 IP and hostname. Solaris hosts have 3 IPs and hostnames (for DS, DPS, and webserver).
No other difference from an architectural perspective.
Any help / insight on why the above is not working (and why the hell does the documentation seem so sketchy / insecure / incorrect).
Thanks a bunch! -
Load Balancing Forms Services with an effective healthcheck
I am in the process of configuring two forms 11.1.2 servers running with weblogic 10.3.5 with multiple forms applications clustered across both physical servers. We are looking to load balance to the various forms applications using a hardware load balancer. Can anyone comment on their experience with setting up effective application healthchecks using either hardware or software load balancers?
For example say that we have 3 applications clustered across 2 servers with the following
URLs:
http://server01:7777/forms/frmservlet?config=myapp1
http://server01:7777/forms/frmservlet?config=myapp2
http://server01:7777/forms/frmservlet?config=myapp3
http://server02:7777/forms/frmservlet?config=myapp1
http://server02:7777/forms/frmservlet?config=myapp2
http://server02:7777/forms/frmservlet?config=myapp3
We would need a checking mechanism on the load balancer that could tell if myapp2 was down on say server01 and therefore block traffic to that application yet keep traffic open for the other 2 apps on the same server.
A specific difficulty with forms is that when the database behind the application is down forms services will return an error message within a displayed error form. From the load balancer's point of view the forms services are "up". We need to find a way of detecting that the application is actually available and not just that the forms services themselves are available. To detect that the forms services are available we might normally use the status check:
http://server01:7777/forms/frmservlet?ifcmd=status
however this will only tell use the availability of the forms services on a physical server and not whether any actual applications are available.
I am aware that f5 do a BIGIP offering that includes some Oracle Forms specific components. Can anyone comment on how they have setup Oracle Forms healthchecks using various load balancing methods. In particular if a load balancer is limited to using WGET commands to check HTTP returned content is there a way of checking a forms application's availability and if not how have other people achieved an effective healthcheck?
Many thanks,
PhilippeDid you ever Get this to work?
I am having some problems trying to load balance with Oracle Forms, Discover and reports Oracle Application Server Release 10g (9.0.4.0.2) and I was wondering if you could help. Has any one ever got this to work consistently? We are an ERP product written mostly in forms (904) and are trying to implement are largest customer there performance issue so we need the load balancing to work. Will also accept other recommendation as cost effective as solutions.
Site 1:
A: SERVER
Host as1.xyzco.local
Version 10.1.2.0.2
Installation Type Identity Management and Metadata Repository
Oracle Home E:\oracle\inf_1012
Farm as1db.xyzco.net
o HTTP_Server
o Internet Directory
o OC4J_SECURITY
o Single Sign-On:orasso
o Management
B SERVER
Host as2. xyzco.local
Version 9.0.4.0.2
Installation Type Business Intelligence and Forms
Oracle Home E:\oracle\mid_904
Farm as2db. xyzco.net
o Discoverer
o Forms
o home
o HTTP_Server
o OC4J_BI_Forms
o Reports Server
o Web Cache
o Management
C SERVER
Host as3. xyzco.local
Version 9.0.4.0.2
Installation Type Business Intelligence and Forms Discoverer and Reports
Oracle Home E:\oracle\mid_904
Farm as2db. xyzco.net
o Discoverer
o Forms
o home
o HTTP_Server
o OC4J_BI_Forms
o Reports Server
o Web Cache
o Management
All servers Are:
Windows 2003 Standard Server with current service packs
Xeon Dual Processor with 4GB ram
Raid 0 drives 2 for OS and 2 for Oracle
Daniel Brody
[email protected]
Maybe you are looking for
-
In iphone maps app, the maps are no longer appearing. I get only a light green map of the country. what happend? How do I get the maps to show?
-
How to add F4 help to standard infotype field
Hi, I need to add a F4 help to a standard field in a PA infotype (0021- Personal data). Is this possible? Is it correct that, in a custom field a F4 help can be added using a foreign key relationship? Or what is the correct method? Also, I think I ca
-
Change default block size on tftp server
Is there a way to change the default block size on the tftp server so that it defaults to 1024 instead of 512 I am aware that the client can accomplish this by: tftp> tsize tftp> blkzise 1024 but I don't want the client to have to enter these additio
-
Again: ORA-12504: TNS:listener was not given the SERVICE_NAME...
Hi Guys, I got this already discussed error and I am sorry, to start a new topic, but I just have no idea what to do else. I have oracle11g - 32 bit running on my Windows 7 64 bit machine. The database-server is running fine according to the Database
-
Planning on starting career in SAP - Advice
My name is Srikanth and I am from UK. I am planning to start my career in SAP. My background is in Microsoft Tech (VB6, ASP, ASP.Net, C#, VB.Net, SQL Server, Databases, Web services and Portals) . I have 9yrs of experience in developing legacy system