NW04 Portal and Cisco Load balancer

Hi everybody,
does anyone have a similar landscape as I have?
Reverse Proxy - Cisco Content Switch Module for Load Balancing - two NW04 Portal Servers.
How did you configure the stickyness / Load balancing mechanism on the load balancer in order to get it running?
Cheers
Jochen

Hi,
Web AS Java issues a cookie called saplb.
You can check its value by connecting to the portal and then launching the command
"javascript:alert(document.cookie)"
within the browser. You will get a cookie value like
saplb_*=(J2EE6202500)6202551          
The value in brackets determines the Instance; the second number equals the actual ClusterID (can also be found in the VisualAdmin. Usually 50 indicates the 1st server node, 51 the second one etc.
The saplb_*-cookie can be checked by the cisco see Cisco-Link above. Just configure the Cisco to be sticky on the  instance number (value in the first brackets, in the example 6202500).
Several Customers do it like this, and actually the SAP Webdispatcher is also using this cookie to determine the instance to distribute the request to.
Good luck Bernhard

Similar Messages

  • Cisco Load balancer and Web Dispatcher to the same portal

    Hello Experts,
    We have implemented intranet portal with Cisco as the load balancer. Now we need to expose this intranet to the outside world as an extranet portal. So the same portal will be accessed from both intranet and from outside. We are thinking of installing a web dispatcher in the DMZ so that outside users can access the Web Dispatcher URL to access the intranet portal. In effect intranet users will use load balancer and extranet users will use Web Dispatcher to access the same portal. Now my question is if we configure Load Balancer and Web Dispatcher to the same portal, will the portal be able to load balance properly? Is this the right approach?
    Thank You,
    mansooralip1

    Dear Andrew,
    We need to provide access to our intranet to some outside companies for them to also use some of our portal applications. As per your answer, I understand that I can configure Web Disptacher to talk to the Cisco Load Balancer of our portal. In this case Web Dispatcher will work just as a reverse proxy. But when I discussed this with one of our basis resource, he told me that when we install and configure Web Dispatcher, it always ask for the Message Server URL and Port number, even if I just want to use Web Dispatcher as a Reverse Proxy. If his concerns are valid, I do not think I will be able to configure Web Dispatcher to access the cisco Load Balancer because I cannot put Cisco load banacer URL and port instead of the Message Server URL and Post Number. Can you kindly share your comment on the same?
    Now the second part of my question, if Web Dispatcher cannot be configured to talk to Load Balancer(as mentioned by our basis resource), I will have to use two load balancers. One web Dispatcher in DMZ as a Load Balancer *** Reverse Proxy for the external users. Second the internal Cisco Load Balancer for the intranet users. So the same portal will be accessed by two load balancers. My question here is, in this set up, can the portal work efficieintly here by distributing equal loads two both the server instances?
    Thank You,
    mansooralip1

  • CISCO Load Balancer with SAP on Unix and Oracle

    Hello Experts,
    Explain me the steps How CISCO Load balancing Mechanism works with SAP Enterprise Portal?
    If anyone implemented and achieved the same,please explain me the steps to follow from Initial Stage to end of implementation.
    Or If you have any documentation on this just share with me or point me to the particular link.
    I have seen the below SAP help which is somewhat helpful.
    http://help.sap.com/saphelp_nw04s/helpdata/en/d3/e12840d89d185de10000000a1550b0/frameset.htm
    I would like to know how CISCO will connect to M/essage Server /Java Dispatcher.
    And explain me the steps to follow to implement External Facing Portal using Cisco Loadbalancer.
    This should be achieved in Unix environment.
    Any help would be greatly appreciated.
    Regards,
    Karthick Eswaran
    *Points will be rewarded for helpful suggestions

    We use F5 for loadbalancing, but all hardware loadbalancing solutions should similar. They offer multiple algorithms, we use simple round robin (SAP's webdispatcher has better options for load balancing). You create virtual IP to your CISCO loadbalancer. You then configure Cisco to route traffic to each portal application server. If you have CI + 2 appservers, you configure the loadbalancer to send traffic to cihost:port, appserver1:port, appserver2:port. You also create a DNS alias to the virtual IP of the loadbalancer. End users will use the DNS alias to connect your portal. Typically you use standard ports (80 & 443) on Cisco, so that end user URL does not contain any ports (so http traffic goes to port 80, https goes to port 443). You also need to enable cookie persistence on the load balancer for session persistence.
    For external facing portal, you need to have your loadbalancer in DMZ and you want to use SSL. You also need to setup firewall rules for your portal and backend servers.
    -RK

  • CISCO Load Balancing Mechanism with SAP

    Hello Experts,
    Explain me the steps How CISCO Load balancing Mechanism works with SAP Enterprise Portal?
    If anyone implemented and achieved the same,please explain me the steps to follow from Initial Stage to end of implementation.
    Or If you have any documentation on this just share with me to my google id kekarthick or point me to the particular link.
    I have seen the below SAP help which is somewhat helpful.
    http://help.sap.com/saphelp_nw04s/helpdata/en/d3/e12840d89d185de10000000a1550b0/frameset.htm
    I would like to know how CISCO will connect to Java Dispatcher.
    And explain me the steps to follow to implement External Facing Portal using Cisco Loadbalancer.
    This should be achieved in Unix and Windows 2003 environment.
    Any idea?
    Regards,
    Karthick Eswaran
    Edited by: Karthick Eswaran on May 21, 2008 12:40 AM

    Hello Karthick,
    let's say you have 2 servers for your portal:
    host1 -> e.g. DB, SCS + CI --> http://host1.my.company:50000/irj/portal
    host2 -> DI --> http://host2.my.company:50000/irj/portal
    Now you can implement an CISCO hardware load balancer. You have to connect it to your network and reserve one port and another ip adress of it for the portal.
    After that you have to add the ip adress of the both servers (host1+host2) to this port, so that the CISCO load balancer knows to which servers it has to forward the incoming connections.
    If you use DNS in your company you can now map a more user-friendly name to the CISCO port (e.g. http://portal.my.company:50000/irj/portal) and distribute this link to the users of the portal.
    When they connect to the portal via this link the CISCO load balancer will forward the request to one of the configured servers (host1 or host2) depending which one is online and/or the load of them.
    I hope I understood your question right and my answer helps a little.
    Regards,
    Norman Schröder

  • H-REAP and Client Load-Balancing

    I'm told by Cisco that H-REAP does not support client load-balancing.
    We have a situation where we want to deploy LWAPPs using H-REAP into a conference room where training would take place.
    Any suggestions on how to overcome the inevitable slowness these people are going to experience from being unevenly associated with the APs?
    We can't re-write the application so we are looking for a wireless solution.
    Anyone hear about how other organizations have dealt with this type of situation?
    I'll be glad to supply more details if I am not being clear in my description of the problem.
    Thanks in advance. All responses will be rated.
    Paul

    This is the functionality which is missing in H-REAP: Client and Network Load Balancing
    "Radio Resource Management (RRM) load-balances new clients across grouped lightweight access points reporting to each controller. This function is particularly important when many clients converge in one spot (such as a conference room or auditorium) because RRM can automatically force some subscribers to associate with nearby access points, allowing higher throughput for all clients. The controller provides a centralized view of client loads on all access points. This information can be used to influence where new clients attach to the network or to direct existing clients to new access points to improve wireless LAN performance. The result is an even distribution of capacity across an entire wireless network.
    Note: Client load balancing works only for a single controller. It is not operate in a multi-controller environment."
    I suppose if we limit the number of users that can associate with a particular AP then we will achieve some client load-balancing. Though a hard limit on the number of end-users will also lead to situations where some end users will not be allowed any access.

  • ASA and vpn load balancing

    Hi,
    I am configuring 2 ASA5540 for internet trafic inside to outside ,
    outside to inside (web,smtp) but also vpn load balancing for client to site , site to site and webvpn.
    In the doc I can configure them for internet trafic as Active/Standby or Active/active.
    for vpn : I can use vpn load balancing
    But no information if I want to use the active/passif and vpn load balancing together.
    Any thoughts on which way to go? what is the best thing to do ?
    Regards

    Hi,
    I think that you cannot use an Active/Active configuration for VPN connections as it is stated on Cisco's documentation: "Note: VPN failover is not supported on units that run in multiple context mode as VPN is not supported in multiple context. VPN failover is available only for Active/Standby Failover configurations in single context configurations" available at http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080834058.shtml
    Hope it helps

  • Iview contents missing when using FQDN Cisco Load Balancer

    Hello Experts,
    We are using Cisco load balancer to distribute the load across the portal servers. Everything was working fine, but after upgrades to the latest support package stack SP18, we ran into some odd behavior. Some of the contents on the iview are blank when using FQDN load balancer URL e.g. http://sap1234.corp.com/irj/portal .  But those blank contents does show up if we donu2019t use FQDN e.g. http://sap1234./irj/portal .  At this point we are not sure where to start troubleshooting?
    Any helps would be appreciated,
    Dave
    Edited by: davidn on Feb 27, 2009 11:50 AM

    Isn't this the same as your other post? I'm locking this one...

  • Configuring customized ldap ports on cisco load balancer

    Hi,
    I have configured ldap on a different ports than the 389 and 636.  How do I configure this port to be allowed on the Cisco load balancer.  I'm a newbie to cisco load balancer.  Is there any specific configuration to be followed to set the customized port on the load balancer ?
    Any help is appreciated.
    Thanks in advance

    Hi,
    By default, ACE denies all traffic coming to an interface and you need to define ACL's to allow traffic. You can define an extended ACL to allow the traffic from IP's, TCP/UDP ports etc. Please visit the below for details about ACL configuration on ACE.
    http://www.cisco.com/c/en/us/td/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA3_1_0/configuration/security/guide/securgd/acl.html#wp1018359
    Also, pasting another link for basic TS related to ACE.
    http://docwiki.cisco.com/wiki/Cisco_Application_Control_Engine_(ACE)_Troubleshooting_Guide_--_Troubleshooting_Access_Control_Lists
    Regards,
    Kanwal

  • Cisco load balancer?

    Just curious if anybody has tried using a Cisco load balancer with Directory Server (5.x.) Specifically:
    http://www.cisco.com/warp/public/cc/pd/si/11000/prodlit/cs105_ds.htm
    (They start out talking about web, but if you look further down you'll see they also support LDAP.)
    Here's my thought: get two 5.x servers in multi-master configuration behind one of these Cisco products. That way applications that like to cache DNS info on the LDAP server they should be using won't get confused if one of the hosts is taken down for upgrades/whatever. Thoughts?
    I guess the other way to handle this would be to run Sun Cluster + necessary stuff for LDAP. Any unbiased opinions as to which approach might be better? ;-)

    Or use the Directory Proxy (aka iDAR)...
    We have customers using the Cisco load balancer with Directory server 5. Others are using iDAR, others use Sun Cluster... Can't tell which approach is better.
    The only issue I forsee with a load balancer in front of 2 masters, is that it may increase the risks of conflicts if the servers are not fully synchronized (such as under heavy load).
    Regards,
    Ludovic.

  • Wlp and apache load balancing

    Hi,
              I have been trying to understand webloigc clustering and load balancing capabilities. I have been through the edocs but it does not explain how things work, instead they only emphasis on how to configure.
              Consider the following scenario:
              --------cisco firewall/load balancer------------
              apatche1 apache2 apache3
              -------------------firewall-------------------------
              WLP1 WLP2 WLP3 WLP4
              My questions are:
              (1) how apache servers load balance incoming requests amongst the four portal instances? I understand that it will use weblogic proxy plug-in. the httpd.config also should be configured to proxy requests to WLP instances by adding the corresponding address:prot entries for each instance, using WebLogicCluster keyword.
              (2) Weblogic cluster will have nothing to do with load balancing? The only benefit I get of configuring weblogic cluster is session replication, right?
              (3) even failover is going to be handled by apache servers?
              (4) if I need to use SSL and I need to have my SSL encryption/decryption to be done on WLP instances; apache servers will only forward requests, no encryption/decryption to be done on the web tier. Is this possible?
              See in WebSphere the edge component will handle the load balancing and through it I can assign load weights for each appserver instance.
              (5) Are there any best practice to implement load balancing and failover on weblogic portal?
              I appreciate any input in this regards.

    1. yes, configure the apache plugin. put your 4 servers in the WeblogicCluster property (host:port,host:port...). The proxy will round robin requests between the servers in the cluster, although sessions are pinned to a single server. So if a request with a session (jsessionid cookie) comes in, it will read the primary server from the cookie and route it to that server.
    note that we have had trouble with keep alives ON and load balancing. we had to turn keep alives off to get load balancing working.
    2. right, the cluster allows failover by replication. apache plugin will perform the failover.
    3. the plugin will keep a dynamic server list so if a server goes down, it will update the cluster list and not route to it. it will also retry requests on another server on an error or timeout connecting. you can tweak timeout settings like WLSocketTimeoutSecs and ConnectTimeoutSecs. and keep idempotent ON which allows failover, unless you aplpication can't handle this.

  • Web Dispatcher - Portal & Backend systems load balancing

    Good Day,
    I am currently in the process of setting up a web dispatcher for the Backend systems via the Portal.
    I have already installed a web dispatcher to handle the Portal load balancing and this works perfect.
    The SAP system landscape will be created using load balancing, currently it is set to Dedicated.
    Question:
    Do i change the ITS and WAS settings to point to the web dispatcher or leave them currently pointing to the backend systems?
    ITS = hostname :8000
    WAS = hostname : 8000
    Many thanks,
    Morgan Moodley

    Hi Morgan,
    You point them at the web dispatcher.
    Paul

  • Web dispatcher and J2EE load balancing

    I have portal DBCI on one server and DI on multiple servers. I implemented Web dispatcher in front of the DI and it does the load balancing across all DI and CI. What I want to do though is not to route any users to CI instance - ie take CI server processes out of load balancing.
    In ABAP environment you could create a logon group and not put CI in the group and users coming through the logon group do not go to the CI. I would like to do the same with Portal Java processes. In help.sap.com I found that web dispatcher uses default !J2EE group if there are no groups defined - to distribute users but I can not find anyway to define a logon group for J2EE java.
    Does anybody out there know how to do this - define a logon group and include only DI and not CI in that?

    > Raj,
    >
    > Which versions are you on J2EE? EP?
    > If you are on EP SP14 or NW01 you can do workload
    > distribution within the portal.
    >
    > James
    We are using NW 04 based EP 6 SP 16. I am looking for to use web dispatcher to distribute users on the DI servers and not distribute any users on the CI server. What can I do so that if admin user enter http://CI_server:50000/irj then they can login to the CI server if users come through webdispatcher then they are not put on the CI but go to one of the DI servers only. By default web dispatcher would send some users to CI and I don't want that.

  • Lync 2010 and ACE load balancing

    Hi there,
    Has anyone deployed [or will be deploying] Lync 2010 utilising the ACE as a hardware load balancer. The ACE is not {yet] on the Microsoft list of supported devices for this product, but I am told this because of lack of documentation from Cisco.
    The consensus from a few colleagues is that it should work as it did for OCS, which we have already deployed, so assuming that the set up and operation is similar, there shouldn't be much difference in the configurations.
    regards,
    Glenne.

    Hey Glenne,
    It seems you got that working already but I wanted to share this simple sample:
    parameter-map type http PARAMETER
      set header-maxparse-length 65535
      set content-maxparse-length 65535
    ============================================
    interface vlan 112
      ip address 10.198.16.71 255.255.255.192
      alias 10.198.16.124 255.255.255.192
      peer ip address 10.198.16.72 255.255.255.192
      mac-sticky enable
      access-group input anyone
      nat-pool 25 10.198.16.125 10.198.16.125 netmask 255.255.255.0 pat
      service-policy input ANS-MGT
      service-policy input VIPS
      no shutdown
    ============================================
    policy-map multi-match VIPS
      class LYNC_VIP
        loadbalance policy  LYNC_POLICY
        ssl-proxy server SSL_LYNC_TERMINATION
        loadbalance vip icmp-reply active
        nat dynamic 25 vlan 112
        appl-parameter http advanced-options  PARAMETER
    ============================================
    class-map match-all LYNC_VIP
      2 match virtual-address 10.198.16.125 tcp eq https
    ============================================
    ssl-proxy service SSL_LYNC_TERMINATION
      key tac-key
      cert tac-cert
      chaingroup tac-chaingroup
    ============================================
    policy-map type loadbalance first-match LYNC_POLICY
      class class-default
        sticky-serverfarm LYNC_COOKIE
    ============================================
    sticky http-cookie ACE_COOKIE LYNC_COOKIE
      timeout 30
      replicate sticky
      serverfarm LYNC_FARM
    ============================================
    serverfarm host LYNC_FARM
      rserver LYNC_SERVER1 80
        inservice
      rserver LYNC_SERVER2 80
        inservice
    ============================================
    rserver host LYNC_SERVER1
    ip address 10.198.16.93
    inservice
    rserver host LYNC_SERVER2
    ip address 10.198.16.113
    inservice
    ===========================================
    Jorge

  • New ASA5512- 5515: content filter and WAN load balancing

    Hi,
    it's possible to make the content filter with the new models of asa?
    One of our customers would like to have content filter with the possibiliy to monitor the single client activity (log).
    It' s possible also make the load balancing between 2 WAN?
    Now in HQ they have 2 WAN with WAN backup (ASA5505) and VPN to another site.
    Thanks in advance,
    Paolo.

    I saw that you can add CX feature:
    CX - Context Aware Security Feature:
    Cisco  ASA CX Context-Aware Security is a modular security service that  extends the ASA platform with next-generation capabilities. It is  available with SSD purchase for model such as 5512-X, 5515-X, 5525-X,  55545-X and 5555-X.
    Application Visibility Control (AVC):
    This  is additional feature in CX. Activation of this feature require  seperate license. This is the feature that do deep packet inspection for  Application recognition. provide context-aware firewall security.
    Web Security Essentials (WSE):
    This  is additional feature in CX. Activation of this feature require  seperate license. It deliver features like "URL Filtering" and "Global  Threat Intelligence".
    Can somebody confirm that?
    Have somebody already used and configured this features?
    Thank you,
    Paolo.

  • SSL Cetificate and F5 load balancer.

    Hi All,
    I need to created SSL certificate to enable SSL on the HTTP server can you please give me the steps for that also i need to configure SSL on the load balancer how would i do that, i will be thankful if anybody can provide me detail steps, thanks in advance.
    Thanks,
    Virendra

    Hi,
    What is the application release?
    For SSL, please see these documents.
    Note: 123718.1 - 11i: A Guide to Understanding and Implementing SSL for Oracle Applications
    Note: 300969.1 - Troubleshooting SSL with Oracle Applications 11i'
    Note: 376700.1 - Enabling SSL in Release 12
    For Load Balancing, please refer to:
    Note: 380489.1 - Using Load-Balancers with Oracle E-Business Suite Release 12
    Note: 727171.1 - Implementing Load Balancing On Oracle E-Business Suite - Documentation For Specific Load Balancer Hardware
    Note: 601694.1 - How To Check Session Persistence On BigIP F5 And Cisco Ace Load Balancer Appliances
    Note: 603325.1 - Using Cisco ACE Series Application Control Engine with Oracle E-Business Suite Release 12
    Regards,
    Hussein

Maybe you are looking for

  • String lenght

    Hello everyone     In my script by using "get digit string" menu i get customers unique  number but i want that to be at least 5 character long.For example i do not want him to enter "123" he must enter at least 5 digits.when he enters least then 5 d

  • Palm contacts software takes a big step backward

    I decided to buy a Palm Pre in large part because I wanted to preserve the investment I have made in the contacts database I have built up over the years using Palm devices.  I was more than a little disappointed when I discovered that Palm decided t

  • Set Up Costs - Semi Variable

    Dear Experts, We incur set up costs that are semi variable. In other words for $1000 is incurred for every 500 units produced ( $2 per unit). Suppose a product is produced only 100 units in a month, that means $200 ( $2*100 units) is absorbed on the

  • Powerbook G4 will not sleep.

    My Powerbook G4 recently stopped going to sleep on its own. I've made sure that all of my programs are closed and I've played around with the energy saver settings and it won't sleep. I know there are other ways to put it to sleep, but why isn't it g

  • An interesting search problem

    How would you be able to do this: You would have a photo that has the tag cat+chair. It would come up if you were to search "cat", "cat chair", or "chair cat" but not "chair". How could you do that?