Remove load balancing...

Oracle 10gR2 RHEL 4 AS 64bit
I wanted to know is there a way to remove load balancing in RAC? Would I just set the LOAD_BALANCE parameter to OFF in the TNSnames.ora file? Would that take care of it? The problem is occurring because developers are trying to upload images into the database (using jumploader) and the file is stored on the first node. What happens is during the upload a procedure searches for the file on the second node (when it is actually on the first node) and then an error is returned. Below are my current TNS entries:
PROD =
(DESCRIPTION =
(LOAD_BALANCE = ON)
(FAILOVER = ON)
(ADDRESS = (PROTOCOL = TCP)(HOST = node1-vip)(PORT = 1521))
(ADDRESS = (PROTOCOL = TCP)(HOST = node2-vip)(PORT = 1521))
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = TAF)
(FAILOVER_MODE =
(TYPE = SELECT)
(METHOD = BASIC)
(RETRIES = 180)
(DELAY = 1)
TAF =
(DESCRIPTION =
(LOAD_BALANCE = ON)
(FAILOVER = ON)
(ADDRESS = (PROTOCOL = TCP)(HOST = node1-vip)(PORT = 1521))
(ADDRESS = (PROTOCOL = TCP)(HOST = node2-vip)(PORT = 1521))
(CONNECT_DATA =
(SERVICE_NAME = TAF)
PROD2 =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = node2-vip)(PORT = 1521))
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = PROD)
(INSTANCE_NAME = PROD2)
PROD1 =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = node1-vip)(PORT = 1521))
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = PROD)
(INSTANCE_NAME = PROD1)
)

In this case, changing the tnsnames.ora file alone won't do it. RAC has two independent load balancing sides, client side (tnsnames level) and server side (listener level). The client side is simply a random (yep, random) picking of a listener on an instance to go to. On the server side, however, a given listener can then hand that connection off to another listener on a less loaded machine. Even if you connect via tnsnames to a specific instance, you may be connected to another machine.
Your best bet would be to use services, you can create a service in the cluster that can connect to a specific node with a different service name than "standard" connection. I have used this for reporting instances on a specific node cluster. You then create a new tnsnames alias to point to that new server. Note. If you use the SERVICE_NAMES parameter within your database this will not work, as anything pointed to by it will override the service names.
An alternate idea would be to nfs mount your filesystem that contains the pictures to each of your remaining rac nodes.
Cheers
Jay Caviness
http://www.grumpy-dba.com

Similar Messages

  • Error using load balancer in ebusiness suite R12

    Hi
    Has any one used Cisco 11503 load balancer in their ebusiness implementation
    we have upgraded a customer instance from 11i10cu2 to 12.0.6. we have configured the R12 instance for load balancer as per metalink note 380489.1
    when we access the ebusiness suite, we hit the issue as mentioned below:
    You cannot complete this task because one of the following events caused a loss of page data. Possible Causes:
    You have left your login session idle past the timeout period. A system failure has occurred. The application server is incorrectly configured and does not send a session cookie to the client browser. If you were testing in JDeveloper: JDeveloper OC4J process did not fully shut down before restarting the application. You closed one of the Internet Explorer browser windows while the request is being processed in another Internet Explorer window. Closing an Internet Explorer window causes OC4J to expire a user session. OC4J XML files in your JDeveloper user home system directory have been modified or corrupted.
    as per many metalink notes, this may occur due to load balancer ..example note : 755825.1
    we have then removed load balancer setting from the applications context file (xml file) and issue doesnt occur.
    so issue seems to be with load balancer setting, however we couldnt find any doc which mentions setting for Cisco 11503 load balancer
    we saw notes for Bigip and cisco ACE load balancer in metalink 601694.1
    Customer is also unable to help here .. as to what setting needs to be changed
    Can someone kindly advise

    Have you opened a case with Cisco to see if they can help ? Has persistence been enabled on the load balancer ? Is there some kind of timeout enabled on the balancer ? I do not know much about load balancers, but the settings should be somewhat similar across all of them. See if these docs help
    601694.1 - How To Check Session Persistence On BigIP F5 And Cisco Ace Load Balancer Appliances
    390173.1 - How to prevent Self-Service session expiry when Using Radware's APSolute Insite Software Loadbalancing Software
    HTH
    Srini

  • ACE 4710 one-arm L4 load balancing removes accept-encoding?

    We have built a simple one-arm PAT config to round robin load balance two Varnish servers. In the "Default L7 load-balancing action" we have left compression to "N/A". It looks like the ACE removes "Accept-Encoding: gzip, deflate" from the client header.
    Is this normal behaviour? We would like the Varnish to do the compression. Do we need modify the headers to get this through the ACE?

    Hi,
    Yes this does seem to be the behavior. Please read below:
    HTTP compression is a capability built into web servers and web browsers to improve site performance by reducing the amount of time required to transfer data between the server and the client. Performing compression on the ACE offloads that work from the server, thereby freeing up the server to provide other services to clients and helping to maintain fast server response times.
    When you enable HTTP compression on the ACE, the appliance overwrites the client request with "Accept-Encoding identity" and turns off compression on the server-side connection. HTTP compression reduces the bandwidth associated with a web content transfer from the ACE to the client.
    So ACE rewrites the ACCEPT-ENCODING header to IDENTITY to indicate to the server that it should not compress the return data. That would be done by ACE.
    Also, default method is used when client comes with both gzip or deflate for "ACCEPT ENCODING". For compression to work, a client must send a request with an ACCEPT-ENCODING method of gzip or deflate. If a client sends both methods, then the ACE uses the configured method(default method).
    Also, you can see if ACE is compressing the packets or in "show service-policy detail.
    switch/Admin#
    show service-policy L7_COMP_SLB_POLICY detail
    Status     : ACTIVE
    Description: -----------------------------------------
    Interface: vlan 1 108
      service-policy: L7_COMP_SLB_POLICY
        class: vip
         VIP Address:    Protocol:  Port:
         2.0.5.1         tcp        eq    80
          loadbalance:
            L7 loadbalance policy: pm
            VIP ICMP Reply       : ENABLED
            VIP state: OUTOFSERVICE
            Persistence Rebalance: ENABLED
            curr conns       : 0         , hit count        : 0
            dropped conns    : 0
            client pkt count : 0         , client byte count: 0
            server pkt count : 0         , server byte count: 0
            conn-rate-limit      : 0         , drop-count : 0
            bandwidth-rate-limit : 0         , drop-count : 0
            L7 Loadbalance policy : pm
              class/match : h
                ssl-proxy client : c
                LB action :
                   primary serverfarm: sf1
                        state: DOWN
                    backup serverfarm : -
                hit count        : 0
                dropped conns    : 0
                compression      : on  <------------------------------ Compression is enabled if the value is "on"
    compression  bytes_in  : 0       bytes_out : 0  <--- Number of bytes transmitted after compressing the server response
    Compression ratio : 0.00%  <------------------------------ Percentage of data compressed
    Gzip: 0               Deflate: 0  <--------------- Number of times the method is used
    compression errors:                                     _
    User-Agent  : 0               Accept-Encoding    : 0   |
    Content size: 0               Content type       : 0   |
    Not HTTP 1.1: 0               HTTP response error: 0   |-- Check these error counters to see if they are increasing
    Let me know if you have any questions.
    Regards,
    Kanwal

  • How to remove farm account from Application Discovery and Load Balancer Service Application

    Hello Community
        Using Sharpoint 2010 Server I think the reason
    the User Profile Synchronization would stop is because somehow the farm
    account was registered as a managed account.  So I removed the farm
    account from all services that ran under the farm account so that I could
    run Remove-SPManagedAccount or click the Remove icon in manage service accounts
    and then unregisted farm account as a managed account.
       But before I can run Remove-SPManagedAccount I need to remove it from one more
    service account that uses the farm account which is:
        "Application Discovery and Load Balanceer Service Account".
        However, nothing seems to remove it from there.
        I tried :
    "get-spserviceapplication | where {$_.TypeName -match "Application Discovery and Load Balancer Service Application"}
        and then
    "stop-spserviceinstance "dde7fbef-b068-4687-bedb-f67230efab5a"
        amongst a host of other methods so that I could ultimately
    unregister farm account as a managed account.
        But no matter what I do when I try to remove the farm account from Application Discovery
    and Load Balancer Service Application
    and then unregister the farm account as a managed account a message always says
    "Application Discovery and Load Balancer Service Application" is using the farm account
    as its service account.
        What can I do to free the farm account from Application Discovery and Load Balancer Service Application?
        Thank you
        Shabeaut

    The Farm Account is always a Managed Account and can never be "unmanaged". You don't have to set the automatic password roll.
    Trevor Seward
    Follow or contact me at...
    &nbsp&nbsp
    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

  • Azure Load Balancer - Query for VMs in rotation or removed from rotationq

    From what I can tell, there is no way to know if any of the VMs configured as part of a Load-Balanced Set has been taken out of rotation. I see a PS script to set the Azure Load Balancer Endpoint -
    Set-AzureLoadBalancedEndpoint.  But there is no way from what I can tell via
    PS or in the Portal to notify or alert me when a VM is no longer part of the LB Set due to some issue. What is the roadmap to make this available via a PS Script, Azure Portal, or via SCOM?  

    Hi,
    From my experience, this issue was more related with Windows Azure network, I suggest you move to that forum for a better help.
    The forum link was:
    http://social.msdn.microsoft.com/Forums/en-US/home?forum=WAVirtualMachinesVirtualNetwork
    Best Regards
    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click
    HERE to participate the survey.

  • ACE 4700 load balancing Issue

    Hi,
    I am new in ACE 4700. I have configured ACE 4700 for load balancing the FAX servers. Probe, ServerFarm, Real server, Virtual server, VIP state every thing is up and in service. But I am not able to access the real server using VIP IP address.
    Below is the running configuration. Please help me to troubleshot the problem.
    HOB-ACE-1/Admin# sh run
    Generating configuration....
    no ft auto-sync startup-config
    boot system image:c4710ace-mz.A3_2_0.bin
    hostname HOB-ACE-1
    interface gigabitEthernet 1/1
      description Man_HOB_1
      switchport access vlan 1000
      no shutdown
    interface gigabitEthernet 1/2
      description VIP_HOB_1
      switchport access vlan 24
      no shutdown
    interface gigabitEthernet 1/3
      description HA_HOB_1
      switchport access vlan 180
      no shutdown
    interface gigabitEthernet 1/4
      shutdown
    [7m--More-- [m
    access-list ALL line 8 extended permit ip any any
    probe icmp ICMP_PROBE1
      interval 15
      faildetect 4
      passdetect interval 60
      passdetect count 5
      receive 5
    rserver host MFREFSAS497
      description MAAFAXSERVER
      ip address 10.16.12.148
      conn-limit max 4000000 min 4000000
      inservice
    rserver host MSHOFCFS489
      description HOBFAXSERVER
      ip address 10.26.12.130
      conn-limit max 4000000 min 4000000
      inservice
    [7m--More-- [m
    [K
    serverfarm host SFHOBACE-1
      description SFHOBACE-1
      predictor hash header Accept
      probe ICMP_PROBE1
      rserver MFREFSAS497 80
        conn-limit max 4000000 min 4000000
        inservice
      rserver MSHOFCFS489 80
        conn-limit max 4000000 min 4000000
        inservice
    class-map match-all VSHOBACE-1
      2 match virtual-address 10.26.24.242 any
    class-map type management match-any remote_access
      201 match protocol xml-https any
      202 match protocol icmp any
      203 match protocol telnet any
      204 match protocol ssh any
      205 match protocol http any
      206 match protocol https any
      207 match protocol snmp any
    [7m--More-- [m
    [K
    policy-map type management first-match remote_mgmt_allow_policy
      class remote_access
        permit
    policy-map type loadbalance first-match VSHOBACE-1-l7slb
      class class-default
        serverfarm SFHOBACE-1
    policy-map multi-match global
      class VSHOBACE-1
        loadbalance vip inservice
        loadbalance policy VSHOBACE-1-l7slb
        loadbalance vip icmp-reply
        nat dynamic 1 vlan 24
        nat dynamic 1 vlan 1000
    service-policy input global
    interface vlan 24
      description "Client VLAN"
      ip address 10.26.24.243 255.255.255.0
    [7m--More-- [m
      access-group input ALL
      no shutdown
    interface vlan 1000
      ip address 10.26.12.132 255.255.255.0
      peer ip address 10.26.12.133 255.255.255.0
      access-group input ALL
      service-policy input remote_mgmt_allow_policy
      no shutdown
    ft interface vlan 180
      ip address 192.168.180.2 255.255.255.248
      peer ip address 192.168.180.3 255.255.255.248
      no shutdown
    ft peer 1
      heartbeat interval 300
      heartbeat count 10
      ft-interface vlan 180
    ft group 1
      peer 1
      priority 140
      associate-context Admin
    [7m--More-- [m
      inservice
    ip route 0.0.0.0 0.0.0.0 10.26.12.1
    snmp-server contact "HOB_ACE"
    snmp-server location "HOB"
    snmp-server community FAXSERVER group Network-Monitor
    snmp-server user administrator Network-Monitor
    snmp-server trap-source vlan 1000
    username admin password 5 $1$GtO1e504$eGuyxxDcXck7SkxqBfRkI.  role Admin domain
    default-domain
    username www password 5 $1$N5ClX7jy$kDhGgN.uukWQKvQMd3pY.1  role Admin domain de
    fault-domain
    ssh key rsa 1024 force
    Thanks and Regards,
    Ashfaque

    Hello Hossain,
    Applying the policy globally on the box is commonly not the prefered way to go, you can use instead a single multi-match policy per SVI for easier managent; this will also also help to narrow down problems to a specific policy and VIP while T-Shooting.
    Use the
    ACE/Admin(config)# no service-policy input global
    ACE/Admin(config)# interface vlan 24
    ACE/Admin(config-if)# service-policy input global
    Also you want to remove the NAT from the multi-match policy, you're running in routed mode so NAT should not be required; if it was required then you don't have any natpool configured or as Ahmad mentioned it was truncated from the configuration.
    Something that caught up my attention is that your default route is pointing to the server VLAN that happens to be also your management VLAN, I'll have to lab it up but my first impression is that either the traffic coming to the VIP on vlan 24 should be always NAT'd to an IP of 10.26.24.X/24 before it gets to the ACE or else there will be a routing loop that will not allow the flow to complete correctly.
    Do you happen to have a quick logical diagram of this piece of the network?
    Thnx
    Pablo

  • ACE Load Balancing Problem

    Hi,
    I have ACE 4701 with c4710ace-mz.A3_2_2.bin image. In the current setup ACE is located in the center of network where all the WAN, Intenret and LAN is connected and ACE has default towards Internet and All other segment has default route towards ACE appliance. ACe is only redirecting the port 80 traffic to my Proxy server and bypass my lan subnet on port 80.
    Internet
    i
    i
    i
    i
    i
    ACE--------------------------------WAN
    i
    i
    i
    i
    LAN
    I want to use ACE for the load balancing of two servers. Today I did the load balancing configuration but as soon as I applied the policy map on the interface vlan 200 and 300, my complete network reachability went down. When I remove the policy my network came back to normal.
    192.168.200.66  FAX Server-1
    192.1168.200.67 FAX Server-2
    192.168.200.65   Virtual IP address
    Attached is the configuration that I did on ACE for the load balancing and below is the current configuration of the ACE appliance.
    access-list acl-in remark ACCESS LIST FOR ACE-INSIDE
    access-list acl-in line 1 extended permit ip any any
    access-list acl-out remark ACCESS LIST FOR ACE-OUTSIDE
    access-list acl-out line 1 extended permit ip any any
    access-list acl-proxy remark ACCESS LIST FOR PROXY SEGMENT
    access-list acl-proxy line 1 extended permit ip any any
    access-list acl-wan remark ACCESS LIST FOR WAN SEGMENT
    access-list acl-wan line 1 extended permit ip any any
    probe tcp PROBE_5050
    port 5050
    interval 15
    passdetect interval 60
    open 1
    probe tcp PROBE_5101
    port 5101
    interval 15
    passdetect interval 60
    open 1
    probe tcp PROBE_TCP
    port 80
    interval 15
    passdetect interval 60
    open 1
    parameter-map type http PARAMAP_CASE
    case-insensitive
    no persistence-rebalance
    rserver host RS_BCPR01
    ip address 192.168.0.103
    inservice
    rserver host RS_BCPR02
    ip address 192.168.0.104
    inservice
    rserver host RT_fax1
    description Right Fax Server-1
    ip address 192.168.200.66
    rserver host RT_fax2
    description Right Fax Server-2
    ip address 192.168.200.67
    serverfarm host SF_BCPR
    transparent
    probe PROBE_5050
    probe PROBE_5101
    probe PROBE_TCP
    rserver RS_BCPR01
    inservice
    rserver RS_BCPR02
    inservice
    serverfarm host SF_RT_fax
    rserver RT_fax1
    rserver RT_fax2
    sticky ip-netmask 255.255.255.255 address source STICKY-SOURCE
    replicate sticky
    serverfarm SF_BCPR
    sticky ip-netmask 255.255.255.255 address source FAX-STICKY
    replicate sticky
    serverfarm SF_RT_fax
    class-map type management match-any CM_ALL
    2 match protocol snmp any
    3 match protocol http any
    4 match protocol https any
    5 match protocol icmp any
    6 match protocol telnet any
    class-map match-any CM_BYPASS_FOR_LAN
    3 match virtual-address 100.1.1.0 255.255.255.0 tcp eq www
    8 match virtual-address 10.0.0.0 255.0.0.0 tcp eq www
    9 match virtual-address 172.16.0.0 255.255.0.0 tcp eq www
    10 match virtual-address 192.168.0.0 255.255.0.0 tcp eq www
    class-map match-any CM_BYPASS_SUBNET
    9 match virtual-address 100.0.0.0 255.0.0.0 tcp eq www
    13 match virtual-address 10.0.0.0 255.0.0.0 tcp eq www
    14 match virtual-address 172.16.0.0 255.255.0.0 tcp eq www
    15 match virtual-address 192.168.0.0 255.255.0.0 tcp eq www
    class-map match-any CM_IM
    2 match virtual-address 0.0.0.0 0.0.0.0 tcp eq 5050
    3 match virtual-address 0.0.0.0 0.0.0.0 tcp eq 1080
    4 match virtual-address 0.0.0.0 0.0.0.0 tcp eq 5101
    class-map match-all CM_SF_BCPR
    255 match virtual-address 0.0.0.0 0.0.0.0 tcp eq www
    class-map match-any RT_FAX
    2 match virtual-address 192.168.200.65 0.0.0.0 any
    policy-map type management first-match PM_ALL
    class CM_ALL
    permit
    policy-map type loadbalance http first-match PM_L7_BYPASS_FOR_LAN_HTTP
    class class-default
    forward
    policy-map type loadbalance http first-match PM_L7_BYPASS_HTTP
    class class-default
    forward
    policy-map type loadbalance first-match PM_LB_RT_FAX
    class class-default
    sticky-serverfarm FAX-STICKY
    policy-map type loadbalance http first-match PM_LB_SF_BCPROXY
    class class-default
    sticky-serverfarm STICKY-SOURCE
    policy-map multi-match PM_BYPASS_FOR_LAN_HTTP
    class CM_BYPASS_FOR_LAN
    loadbalance vip inservice
    loadbalance policy PM_L7_BYPASS_FOR_LAN_HTTP
    policy-map multi-match PM_BYPASS_HTTP
    class CM_BYPASS_SUBNET
    loadbalance vip inservice
    loadbalance policy PM_L7_BYPASS_HTTP
    policy-map multi-match PM_MAIN_BCPROXY
    class CM_SF_BCPR
    loadbalance vip inservice
    loadbalance policy PM_LB_SF_BCPROXY
    loadbalance vip icmp-reply active
    appl-parameter http advanced-options PARAMAP_CASE
    class CM_IM
    loadbalance vip inservice
    loadbalance policy PM_LB_SF_BCPROXY
    policy-map multi-match PM_RT_FAX
    class RT_FAX
    loadbalance vip inservice
    loadbalance policy PM_LB_RT_FAX
    service-policy input PM_ALL
    interface vlan 100
    description FW-INSIDE CONTEXT RACK1
    ip address 192.168.0.5 255.255.255.224
    alias 192.168.0.11 255.255.255.224
    peer ip address 192.168.0.6 255.255.255.224
    mac-address autogenerate
    no icmp-guard
    access-group input acl-out
    no shutdown
    interface vlan 200
    description WAN-VLAN CONTEXT RACK1
    ip address 192.168.0.33 255.255.255.224
    alias 192.168.0.43 255.255.255.224
    peer ip address 192.168.0.34 255.255.255.224
    mac-address autogenerate
    access-group input acl-wan
    service-policy input PM_BYPASS_HTTP
    service-policy input PM_MAIN_BCPROXY
    no shutdown
    interface vlan 300
    description ACE-INSIDE CONTEXT RACK1
    ip address 192.168.0.65 255.255.255.224
    alias 192.168.0.73 255.255.255.224
    peer ip address 192.168.0.66 255.255.255.224
    mac-address autogenerate
    access-group input acl-in
    service-policy input PM_BYPASS_FOR_LAN_HTTP
    service-policy input PM_BYPASS_HTTP
    service-policy input PM_MAIN_BCPROXY
    no shutdown
    interface vlan 301
    description BC-VLAN CONTEXT RACK1
    ip address 192.168.0.97 255.255.255.224
    alias 192.168.0.107 255.255.255.224
    peer ip address 192.168.0.98 255.255.255.224
    mac-address autogenerate
    access-group input acl-proxy
    no shutdown
    ft track interface TRACKING_FOR_FT_VLAN
    track-interface vlan 300
    peer track-interface vlan 300
    priority 255
    peer priority 255
    ip route 0.0.0.0 0.0.0.0 192.168.0.1
    Please help me out what i am missing. Is there any limitation on policy map or my bypass subnet list is creating problem. 

    I did these changes this time nothing disconnected but I am not able to do the Remote desktop on the virtual IP address. Real IP has Remote desktop enabled even VIP is not ping able for me.
    rserver host RT_fax1
      description Right Fax Server-1
      ip address 192.168.200.66
      inservice
    rserver host RT_fax2
      description Right Fax Server-2
      ip address 192.168.200.67
      inservice
    serverfarm host SF_RT_fax
      rserver RT_fax1
        inservice
      rserver RT_fax2
        inservice
    policy-map type loadbalance rdp first-match PM_LB_RT_FAX
      class class-default
        serverfarm SF_RT_fax
    policy-map multi-match PM_RT_FAX
      class RT_FAX
        loadbalance vip inservice
        loadbalance policy PM_LB_RT_FAX
        loadbalance vip icmp-reply active
    interface vlan 200
      description WAN-VLAN CONTEXT RACK1
      ip address 192.168.0.33 255.255.255.224
      alias 192.168.0.43 255.255.255.224
      peer ip address 192.168.0.34 255.255.255.224
      mac-address autogenerate
      access-group input acl-wan
      service-policy input PM_BYPASS_HTTP
      service-policy input PM_MAIN_BCPROXY
      service-policy input PM_RT_FAX
      no shutdown
    interface vlan 300
      description ACE-INSIDE CONTEXT RACK1
      ip address 192.168.0.65 255.255.255.224
      alias 192.168.0.73 255.255.255.224
      peer ip address 192.168.0.66 255.255.255.224
      mac-address autogenerate
      access-group input acl-in
      service-policy input PM_BYPASS_FOR_LAN_HTTP
      service-policy input PM_BYPASS_HTTP
      service-policy input PM_MAIN_BCPROXY
      service-policy input PM_RT_FAX
      no shutdown
    But nothing is working for me. Please help me out. This time i didnt configure the sticky. But in real I will go with sticky and complete IP protocol will be use a VIP. Please help me out.

  • Load balancing testing.

    Hi Gurus,
    For load balancing purpose we have installed sap in one more box (crm
    quality system). now i need to test whether load balancing is
    happening or not in below scenarios..
    1.) Test the Load balancing on the C.I and D.I.
    2.) Take Multiple Logins and compare the Load Balancing
    3.) Maintain the Variation of Job such as on-line process and background.
    4.) Monitor the Login System for each Variation
    So first i tested the transaction codes like sm04, and smlg and checked with users and how much bytes they are occuping i have tested.
    please give me your inputs in which way i could test it better  and what are all the various aspects??
    Thanks
    Sahad

    HI ,
    For load balancing you can check the load on the Ci and DI .
    Just goto SM51 ,there you shall see the CI and the DI there.double click on the ci.
    Now run St02 and st03n and St06 and check the performance.
    Do the same for the Application Server.
    I shall suggest that if you have more application server Just Remove the CI from the logon load balancing to have better performance.
    for more details go through this Link to check logon load balancing at os level
    http://help.sap.com/saphelp_nw70/helpdata/en/64/32a5682e6a4e0cbb3f8a33970d11a8/content.htm
    Thanks
    Rishi Abrol

  • CSS Load balancing for Exchange Server

    Hi,
    I have CSS configured in single arm and I have multiple servers configured for load balancing and it is working fine but when I am configuring Exchange server for load balancing I am facing problem and applications and printer/scanners are not able to send the email through the Virtual IP address configured for exchaneg server.
    But if we configured the real server IP in the printer/scanners they are able to send the email. While checking the logs on the exchange server, it is showing that request for the email so coming from the Exchange VIP configured in the CSS.
    I can telnet on port 25 on the VIP address (192.168.200.237). But unable to send the email through this VIP.
    Below is the configuration
    service ENOC_EXCHANGE-1
      ip address 192.168.200.235
      active
    service ENOC_EXCHANGE-2
      ip address 192.168.200.236
      active
    content EXCHANGE
        add service ENOC_EXCHANGE-2
        add service ENOC_EXCHANGE-1
        vip address 192.168.200.237
        active
    group EXCHANGE
      add destination service ENOC_EXCHANGE-1
      add destination service ENOC_EXCHANGE-2
      vip address 192.168.200.237
      active
    DC-CSS01# show rule GIT EXCHANGE
    Name:                EXCHANGE   Owner:                ENOC_GIT
    State:                 Active   Type:                     HTTP
    Balance:          Round Robin   Failover:                  N/A
    Persistence:          Enabled   Param-Bypass:         Disabled
    Session Redundancy:  Disabled
    IP Redundancy:    Not Redundant
    L3:         192.168.200.237
    L4:         Any/Any
    Url:       
    Redirect: ""
    TCP RST client if service unreachable: Disabled
    Rule Services & Weights:
    1: EXCHANGE-1-Alive, S-1
    2: EXCHANGE-2-Down, S-1
    =============================================================================
    Please let me know how to solve this problem. System team is saying with the physical IP address it is working fine problem with Load balancing. I have even tried with the
    Add service command in the group but didnt work for me. If i will remove the group command then I cant telnet on port 25.
    I think this is related to single arm modle or some wrong configuration for the NAT.
    Kindly assist me

    Hi
    Printers are on Vlan 80 ( gw is 192.168.80.1) and exange server is on vlan 200 (gw is 192.168.200.1) i have multiple vlan which will communcate with exchange.
    I hv other servers on 200 subnet which are working fine in load balancing.
    My CSS is single arm setup.
    Please assist
    Sent from Cisco Technical Support iPhone App

  • FTP Load-Balancing in DSR mode

    Hello Experts .. 
    Need some clarity on FTP LB under DSR mode ....  I have my DSR working fine for normal http traffic , but facing issues with FTP on the same , please find the configs attached below 
    Topology 
    Client ( 10.20.10.101)   -----> CAT6k  ( 10.20.10.110 & 10.10.15.2)  --> ACE --- > Server 
    VLAN 149                                  VLAN 149 & VLAN 150
    access-list access line 8 extended permit icmp any any
    access-list access line 16 extended permit tcp any any
    access-list acl line 8 extended permit ip any any
    rserver host real2
      ip address 10.10.15.101
      inservice
    serverfarm host ftp
      transparent
      rserver real2
        inservice
    class-map match-all ftp-vip
      2 match virtual-address 192.168.5.5 tcp eq ftp
    class-map match-any ftp_1
      2 match access-list access
    policy-map type management first-match mgmt
      class class-default
        permit
    policy-map type loadbalance first-match ftp
      class class-default
        serverfarm ftp
    policy-map multi-match LBPOL
      class vip
        loadbalance vip inservice
        loadbalance policy lbpol
        loadbalance vip icmp-reply active
      class ftp-vip
        loadbalance vip inservice
        loadbalance policy ftp
        inspect ftp
      class ftp_1
        nat dynamic 5 vlan 150
    interface vlan 61
      ip address 61.202.200.200 255.0.0.0
      access-group input acl
      service-policy input mgmt
      no shutdown
    interface vlan 150
      description server-side
      ip address 10.10.15.1 255.255.255.0
      no normalization
      access-group input acl
      nat-pool 5 10.10.15.209 10.10.15.209 netmask 255.255.255.255 pat
      service-policy input LBPOL
      service-policy input mgmt
      no shutdown
    ip route 0.0.0.0 0.0.0.0 10.10.15.2
    Client
    ======
    root@TLS_SRV ~]# ifconfig eth1.149
    eth1.149  Link encap:Ethernet  HWaddr 00:1C:23:E2:50:C4
              inet addr:10.20.10.101  Bcast:10.20.10.255  Mask:255.255.255.0
              inet6 addr: fe80::21c:23ff:fee2:50c4/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:203 errors:0 dropped:0 overruns:0 frame:0
              TX packets:68 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:10444 (10.1 KiB)  TX bytes:8408 (8.2 KiB)
    route
     192.168.5.0     10.20.10.110    255.255.255.0   UG    0      0        0 eth1.149
    CAT6k
    =======
    interface Vlan149
     ip address 10.20.10.110 255.255.255.0
    end
    interface Vlan150
     ip address 10.10.15.2 255.255.255.0
    end
    ip route 192.168.5.5 255.255.255.255 10.10.15.1    
    Server
    =======
    eth1.150  Link encap:Ethernet  HWaddr 00:1C:23:E2:50:C4
              inet addr:10.10.15.101  Bcast:10.10.15.255  Mask:255.255.255.0
              inet6 addr: fe80::21c:23ff:fee2:50c4/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:9194 errors:0 dropped:0 overruns:0 frame:0
              TX packets:408 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:503104 (491.3 KiB)  TX bytes:71884 (70.1 KiB)
    eth1.150:1 Link encap:Ethernet  HWaddr 00:1C:23:E2:50:C4
              inet addr:192.168.5.5  Bcast:192.168.5.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
    route
    10.20.0.0       10.10.15.2      255.255.0.0     UG    0      0        0 eth1.150
    When i do FTP from client 10.20.10.101 , my connection is getting refused.... But when i connect to my server directly bypassing ACE i am getting authenticated .. 
    As per the DSR , i made  Rserver & ACE as L2 Adjacent  , so when ACE receives the packet it will change the dest ip instead it will use VIP ip as destination , but the MAC will be rewritten to Rserver MAC address... As i said before all works fine for http DSR ... 
    I know NAT doesn't work in ACE when its configured under DSR , but for FTP i made NAT config , but even if i remove the same its not working , Is my config for FTP is correct ? 
    Could some please look into this and reply ? 
    Thanks
    Charles

    if you need to route / provide load balancing between 2 hosts, then you will need to have Route SAF . you can use web server 7 reverse proxy cli or gui to get this. however, you might want to start from a fresh configuration to avoid reverse-map / map that you have experimented with does not overlap with the 'Route' functionality that you seem to need here
    here are some reference content
    http://blogs.sun.com/amit/entry/setting_up_a_reverse_proxy
    http://blogs.sun.com/meena/entry/configuring_reverse_proxy_in_sun
    http://www.sun.com/bigadmin/features/articles/web_server_zones.jsp

  • CSM load balancing

    I have an interesting problem. I have a VIP with a two server, serverfarm. Originally the VIP and serverfarm were doing load balancing in the switch IOS and the vip was configured with a 27 bit subnet mask. I moved the configuration to our csm mod and removed the subnet mask. The original sticky was set to 120 and I reset the sticky to 30 as part of the move. Now the load balancing is extremely off kilter (200 connections to 7). Any ideas what could be amiss?

    Real servers are physical devices assigned to a server farm. Real servers provide the services that are load balanced. When the server receives a client request, it pulls matching information from a disk and sends it to the CSM for forwarding to the client.
    You configure the real server in the real server configuration mode by specifying the server IP address and port when you assign it to a server farm. You enter the real server configuration mode from the serverfarm mode where you are adding the real server.
    This URl should help me:
    http://www.cisco.com/en/US/products/hw/switches/ps708/products_installation_and_configuration_guide09186a00801760d0.html#xtocid439743

  • Site behind load balancer - Key not valid for use in specified state

    Hi,
    I have created a sharepoint application page to access an active end point on ADFS and establish a fedauth session. All works well in single server. But when the page runs behind load balancer with 2 servers, it fails with key not valid for use in specified
    state exception. Stickiness is enabled on load balancer. verified that.
    I had made few changes to config file in microsoft.identitymodel section to accomodate adfs custom login. This included removing securitytokenhandlers and issuertokenresolvers as well. Is this impacting the encryption/decryption in anyway?
    Any pointers would help.
    Reference point for my application page : http://blog.helloitsliam.com/Lists/Posts/Post.aspx?ID=76

    Hi,
    As I understand, you encountered the error “Key not valid for use in specified state” when ADFS custom login.
    In order to run in Windows Azure Web Sites a Web application which uses WIF for handling authentication, you must change the default cookie protection method (DPAPI, not available on Windows Azure Web Sites) to something that will work in a farmed environment
    and with the IIS’ user profile load turned off.
    1. If you are using the Identity and Access Tools for VS2012, just go to the Configuration tab and check the box “Enable Web farm ready cookies”.
    2. If you want to do things by hand, add the following code snippet in your system.identitymodel/identityConfiguration element:
       <securityTokenHandlers>
         <add type="System.IdentityModel.Services.Tokens.MachineKeySessionSecurityTokenHandler, 
                 System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
          <remove type="System.IdentityModel.Tokens.SessionSecurityTokenHandler,
                System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
        </securityTokenHandlers>
    There is a similar case:
    http://stackoverflow.com/questions/19323287/key-not-valid-for-use-in-specified-state-error-for-net-4-5-mvc-4-application
    Best regards,
    Sara Fan
    TechNet Community Support
    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
    [email protected]

  • FDM Load balancer Configuration issue

    We are doing the installation for Hyperion Planning, ODI and DRM on DEV environment
    The EPM version we are using - 11.1.2.2
    Server 1 (Windows 2008 x64)
    Foundation Services
    Calculation Manager
    Planning Web Application
    Analytical Provider Services
    Essbase Administration Services web application
    Oracle HTTP Server
    Server 2 (Windows 2008 x64)
    R & A Framework Services
    R & A Framework Web Application
    Financial Reporting Web Application
    Web analysis Web Application
    Server 3 (Windows 2008 x64)
    FDM
    EPMA
    ODI
    DRM
    Essbase Integration Services
    Essbase Studio
    IIS 7.x
    Server 4 (Windows 2008 x64)
    Essbase Server
    Server 5(Windows 2008 x64)
    SQL Server 2008
    All our services are running fine for Planning. We are in process of configuring FDM.
    FDM Application Server Configuration is completed.
    While doing FDM Load Balancer Configuration, we also able to connect to Shared Service directory successfully. But when we click ok to complete the configuration it gives following error -
    Unable to Create Load Balancer Object!
    Please verify that the user name, password, and domain are correct
    Error=Cannot create ActiveX component
    When checked in Event Log we found -
    Unable to create Load Balance Manager object! Configuration directory could not be located. Error=-2147023878 - Retrieving the COM class factory for component with CLSID *{E652643D-6CC1-48AC-915D-01842B04F292}*
    Source=TaskManagerService - at TaskManagerService.TaskItem.fGetConfigFolder()
    We tried the below steps but issue still persists -
    •     Start the ‘dcomcnfg’ tool in Windows
    •     Expand Component Services\Computers\My Computer\Dcom-Config and locate the following object: {E652643D-6CC1-48AC-915D-01842B04F292}
    •     Right-click and choose "Properties" and click on the "Security" tab
    •     Click the "Edit" button and remove all users except the default: "Everyone" and "System" and click OK, then set the radio button to "Use Default"
    •     Click the "Edit" button under Access Permissions and remove all users/groups except the default items and click OK, and set the radio button to "Use Default"
    •     Now click the "Identity" tab and remove the ID in the "This User" field and set the radio button to "The Launching User" and click "Apply" and "OK"
    •     Now try to launch the FDM Load Balance Config and all the extra tools for FDqM
    We are using hypadmin as domain account but it is part of Administrators group on FDM Server (Server 3). The administrators group is also part of -
    Act as part of the operating system
    Bypass traverse checking
    Log on as a batch job
    Log on as a service
    Please let us know in case if you encountered similar error on this version and possible solution for the issue.
    Thanks in advance.
    Regards,

    I woudl clear out all users/groups on the security tab of the FDM Load Balance Server DCOm object for "Launch and Activation" and "Access" permisisons and then set the identity to the "Launching User" radio button and apply. Then re-set the config.
    If that still fails, try rebooting the server and then set it.
    Make sure the domain and password are also correct that is being entered.

  • Internal load balance ilb on ServiceConfiguration LoadBalancers

    Hi everybody, I try to setup an internal load balancer using this configuration:
    from cscfg:
    <NetworkConfiguration>
     <VirtualNetworkSite name="WE" />
     <AddressAssignments>
      <InstanceAddress roleName="Role1">
       <Subnets>
        <Subnet name="WE_WWW" />
       </Subnets>
      </InstanceAddress>
      <InstanceAddress roleName="Role">
       <Subnets>
        <Subnet name="WE_SERVICE" />
       </Subnets>
      </InstanceAddress>
     </AddressAssignments>
     <LoadBalancers>
      <LoadBalancer name="WEB_ILB">
       <FrontendIPConfiguration type="private" subnet="WE_WWW" staticVirtualNetworkIPAddress="192.168.1.5" />
      </LoadBalancer>
      <LoadBalancer name="API_ILB">
       <FrontendIPConfiguration type="private" subnet="WE_SERVICE" staticVirtualNetworkIPAddress="192.168.2.5" />
      </LoadBalancer>
     </LoadBalancers>
    </NetworkConfiguration>
    from csdef:
    <WebRole name="Role1" vmsize="Small">
     <Sites>
      <Site name="Web">
       <Bindings>
        <Binding name="httpIn" endpointName="httpIn" />
        <Binding name="httpsIn" endpointName="httpsIn" />
       </Bindings>
      </Site>
     </Sites>
     <Endpoints>
      <InputEndpoint name="httpIn" protocol="http" port="80" loadBalancer="WEBILB" />
      <InputEndpoint name="httpsIn" protocol="https" port="443" certificate="Valuta" />
     </Endpoints>
     <Imports>
      <Import moduleName="Diagnostics" />
      <Import moduleName="RemoteAccess" />
      <Import moduleName="RemoteForwarder" />
     </Imports>
     <Certificates>
      <Certificate name="Valuta" storeLocation="LocalMachine" storeName="CA" />
     </Certificates>
    </WebRole>
    <WebRole name="Role2" vmsize="Small">
     <Sites>
      <Site name="Web">
       <Bindings>
        <Binding name="httpIn" endpointName="httpIn" />
       </Bindings>
      </Site>
     </Sites>
     <Endpoints>
      <InputEndpoint name="httpIn" protocol="http" port="8080" loadBalancer="APIILB" />
     </Endpoints>
     <Imports>
      <Import moduleName="Diagnostics" />
      <Import moduleName="RemoteAccess" />
     </Imports>
    </WebRole>
    as you can see I have two webroles linked to a vnet:
    Role1 has two input endpoint: https and http (the one I want to "internal" load balance)
    Role2 has only an http input endpoint (again the one I want to "internal" load balance)
    and I try to configure an internal loadbalancer (see here:
    vs2013-update3)
    When I try to deploy the package I receive this error:
    Error: The specified configuration settings for Settings are invalid. Verify that the service configuration file is a valid XML file, and that role instance counts are specified as positive integers.  Http Status Code: BadRequest  OperationId:
    874024071e88327f8cb73c16f15f3ac2
    I'm sure it depends on the ilb configuration because when I remove it the deploy succeed...
    Does anybody try something like this?
    Thanks,
    Simone

    I've found a solution by myself with the help of a friend (Sandro Vecchiarelli): the "problem" is that I try to setup two load balancers in one cloud service. Trying with only one work correctly; the error probably is a schema validation and I
    really don't know if the error is on "client" schema that allow me to configure more than one ILB (note the node name
    LoadBalancers... its plural...) or online (the one on Azure).
    By the way...at the moment use just one ILB per cloud service.
    Hope this help.

  • Ask the Expert: Configuration and Troubleshooting the Cisco Application Control Engine (ACE) load balancer

    With Ajay Kumar and Telmo Pereira 
    Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about configuration and troubleshooting the Cisco Application Control Engine (ACE) load balancer with Cisco expert Ajay Kumar and Telmo Pereira. The Cisco ACE Application Control Engine Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers is a next-generation load-balancing and application-delivery solution. A member of the Cisco family of Data Center 3.0 solutions, the module: Helps ensure business continuity by increasing application availability Improves business productivity by accelerating application and server performance Reduces data center power, space, and cooling needs through a virtualized architecture Helps lower operational costs associated with application provisioning and scaling
    Ajay Kumar  is a customer support engineer in the Cisco Technical Assistance Center in Brussels, covering content delivery network technologies including Cisco Application Control Engine, Cisco Wide Area Application Services, Cisco Content Switching Module, Cisco Content Services Switches, and others. He has been with Cisco for more than four years, working with major customers to help resolve their issues related to content products. He holds DCASI and VCP certifications. 
    Telmo Pereira is a customer support engineer in the Cisco Technical Assistance Center in Brussels, where he covers all Cisco content delivery network technologies including Cisco Application Control Engine (ACE), Cisco Wide Area Application Services (WAAS), and Digital Media Suite. He has worked with multiple customers around the globe, helping them solve interesting and often highly complex issues. Pereira has worked in the networking field for more than 7 years. He holds a computer science degree as well as multiple certifications including CCNP, DCASI, DCUCI, and VCP
    Remember to use the rating system to let Ajay know if you have received an adequate response.
    Ajay and Telmo might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Data Center sub-community discussion forum Application Networking shortly after the event.
    This event lasts through July 26, 2013. Visit this forum often to view responses to your questions and the questions of other community members.

    Hello Krzysztof,
    Another set of good/interesting questions posted. Thanks! 
    I will try to clarify your doubts.
    In the output below both resources (proxy-connections and ssl-connections rate) are configured with a min percentage of resources (column Min), while 'Max' is set to equal to the min.
    ACE/Context# show resource usage
                                                         Allocation
            Resource         Current       Peak        Min        Max       Denied
    -- outputs omitted for brevity --
      proxy-connections             0      16358      16358      16358      17872
      ssl-connections rate          0        626        626        626      23204
    Most columns are self explanatory, 'Current' is current usage, 'Peak' is the maximum value reached, and the most important counter to monitor 'Denied' represents the amount of packets denied/dropped due to exceeding the configured limits.
    On the resources themselves, Proxy-connections is simply the amount of proxied connections, in other words all connections handled at layer 7 (SSL connections are proxied, as are any connections with layer 7 load balance policies, or inspection).
    So in this particular case for the proxy-connections we see that Peak is equal to the Max allocated, and as we have denies we can conclude that you have surpassed the limits for this resource. We see there were 17872 connections dropped due to that.
    ssl-connections rate should be read in the same manner, however all values for this resource are in bytes/s, except for Denied counter, that is simply the amount of packets that were dropped due to exceeding this resource. 
    For your particular tests you have allocated a min percentage and set max equal to min, this way you make sure that this context will not use any other additional resources.
    If you had set the max to unlimited during resource allocation, ACE would be allowed to use additional resources on top of those guaranteed, if those resources were available.
    This might sound a great idea, but resource planning on ACE should be done carefully to avoid any sort of oversubscription, specially if you have business critical contexts.
    We have a good reference for ACE resource planning that contains also description of all resources (this will help to understand the output better):
    http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/v3.00_A2/configuration/virtualization/guide/config.html#wp1008224
    1) When a resource is utilized to its maximum limit, the ACE denies additional requests made by any context for that resource. In other words, the action is to Drop. ACE  should in theory silently drop (No RST is sent back to the client). So unless we changed something on the code, this is what you should see.
    To give more context, seeing resets with SSL connections is not necessarily synonym of drops. As it is usual to see them during normal transactions.
    For instance Microsoft servers are usually ungracefully terminating SSL connections with RESET. Also when there is renegotiation during an SSL transaction you may see RESETS, but this will pass unnoticed for end users. 
    2)  ACE will simply drop/ignore new connections when we reach the maximum amount of proxied connections for that context. Exisiting connections will continue there.
    As ACE doesn't respond back, client would simply retransmit, and if he is lucky maybe in the next attempt he will be able to establish the connection.
    To overcome the denies, you will definitely have to increase the resource allocation. This of course, assuming you are not reaching any physical limit of the box.
    As mentioned setting max as unlimited might work for you, assuming there are a lot of unused resources on the box.
    3)  If a new connection comes in with a sticky value, that matches the sticky entry of a real server, which is already in MAXCONNS state, then both the ACE module/appliance should reject the connection and that sticky entry would be removed.
    The client would at that point reestablish a new connection and ACE would associate a new sticky entry with the flow for a new RSERVER after the loadbalancing decision.
    I hope this makes things clearer! Uff...
    Regards,
    Telmo

Maybe you are looking for

  • Function Module for F4 Help

    HI Experts What is the function module for F4 help download. Thanks in advance

  • Issue with Shared Services 11.1.1

    Hi all, I have an issue with the shared services in version 11.1.1. When i am trying to click on the Application Groups on the left pane in the console, an error message has been displayed as " A communication error has occured while loading the view

  • Excel application - can't remove from memory

    I'm opening and reading a worksheet using the Excel application/reference methods from Labview.  Worked fine until some short time ago where now all my sheets are opened up as "read-only".  Worse yet, when I try to close the sheet and Quit excel appl

  • Error Message at Startup

    I am getting the following error message when I boot up:"The procedure entry point GetNuanceRelatedData could not be located in the dynamic link library CommFunc.dll".  It is with reference to tpknrres.exe.  Any idea how to fix this? Solved! Go to So

  • Polling (voting) Portlet - Is there one available?

    Greetings from Tampa: Query the community for a portlet for the use of polling, or gathering votes from users. The idea is to also make available the raw results to date, as well as access to final results of previous polls. Thanks in advance for any