05-06-2008 06:12 AM
Hello,
I have a pair of Sun Directory Proxy servers behind our CSS with the following config...
<<< START CONFIG >>>
!************************** SERVICE **************************
service DirProxy_mmcdif22_636
keepalive type tcp
keepalive tcp-close fin
keepalive port 636
ip address 172.16.30.72
active
service DirProxy_mmcdif62_636
keepalive type tcp
keepalive tcp-close fin
keepalive port 636
ip address 172.16.30.76
active
!*************************** OWNER ***************************
owner Security
content DirProxy_pdd4_636
add service DirProxy_mmcdif22_636
add service DirProxy_mmcdif62_636
protocol tcp
port 636
vip address 123.123.102.201
balance aca
flow-timeout-multiplier 200
active
!*************************** GROUP ***************************
group v4DirProxy_group
add destination service DirProxy_mmcdif22_636
add destination service DirProxy_mmcdif62_636
vip address 172.16.30.12
active
<<< END CONFIG >>>
During a recent outage of mmcdif62, all existing connections appear to have been 'orphaned' on the CSS for approximately 53 minutes... which correlates with the 'flow-timeout-multiplier 200' config on this content rule.
Is there any way to overcome these 'orphaned' connections during a failure scenario as shown above?
Also, is it possible to configure the CSS to act upon source IP address info? If so, perhaps this would be a solution to our problem.
Thanks,
-Adam
05-06-2008 10:42 AM
Adam,
we consider the application should recover from this by itself.
If the client keeps retransmitting and the server does not respond, the application should reset the connection and open a new one which would then be loadbalanced to a working server.
The ACE module has a feature to automatically kill connections linked to a dead server.
Unfortunately this feature does not exist on the CSS.
Regarding the client ip address, you have configured a group to do client nat.
The server will therefore lose the client info.
This is however not related to the connection hang issue.
Gilles.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide