11-26-2007 11:00 AM
I am wondering if it is necessary to use `url "/*"' in a content rule using arrowpoint-cookie. I have been using arrowpoint-cookie for years and have never used the url command unless I needed a specific layer 5 feature like header field rule.
Recently I have been having issues with stickiness where once or twice per day a session is directed to the wrong server in the rule and someone mentioned that I need the `url "/*"' line. Could you guys confirm?
Here is what my rule looks like. I was wondering too if perhaps the string configured on the service is too short and may be causing issues from time to time because I have a rule with services using the default string (server ip) and that seems to be fine...
service web1-80
ip address 10.0.0.1
port 80
protocol tcp
keepalive type tcp
keepalive port 80
keepalive frequency 60
string 111pro111
redundant-index 664
active
service web2-80
ip address 10.0.0.2
port 80
protocol tcp
keepalive type tcp
keepalive port 80
keepalive frequency 60
string 222pro2222
redundant-index 665
active
service web3-80
ip address 10.0.0.3
port 80
protocol tcp
keepalive type tcp
keepalive port 80
keepalive frequency 60
string 333pro3333
redundant-index 666
active
[...]
content web-80
protocol tcp
vip address 192.168.1.1
port 80
redundant-index 10641
advanced-balance arrowpoint-cookie
add service web1-80
add service web2-80
add service web3-80
add service web4-80
add service web5-80
add service web6-80
add service web7-80
add service web8-80
add service web9-80
active
Thanks
11-27-2007 05:02 AM
I always configure the url when using arrowpoint-cookies because this feature is an L5 feature. The CSS needs to spoof the connection between client and server.
However, if it was mandatory, nothing would work as it is. Not just a few connection failures.
Your problem is most probably due to idle timeout. If the CSS detected the connection was idle, it will stop looking for new cookies in the connection, so no remapping is possible.
Use the flow-timeout-multiplier command to increase the idle timeout ie: by 25 and see if that improves the situation.
Gilles.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide