IOS SLB - Vserver always UP

Unanswered Question
Sep 30th, 2008
User Badges:

Hi guys.. i have this situation with IOS SLB. Theres a virtual server and 2 real servers. The traffit to be balanced runs in a UDP port. We are using a basic ping probe to monitor the real servers. The thing is that even if the probes fails, the Vserver remains "operational", so it is advertised to our network (we are redistributing the static route that points to the null0 int).


We would think that if the real servers are down, the vserver should be also down, as well as the static route.


Here are the configs:


ip slb serverfarm XXX

nat server

predictor leastconns

  real 1.1.1.1

reassign 2

faildetect numconns 4

retry 20

inservice

  real 1.1.1.2

reassign 2

faildetect numconns 4

retry 20

inservice


ip slb vserver YYY

  virtual 10.10.10.10 udp 9020

  serverfarm XXX

  idle 120

  delay 5

  inservice standby SERVER

  exit


Any ideas of why the Vserver remains always up?


PS: we already tried disabling the automatic failure detection (no faildetect inservice).


thanks in advance!


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 1 (1 ratings)
Loading.
omarmontes Tue, 09/30/2008 - 01:01
User Badges:

by the way.. when issuing the "show ip slb reals", the real servers are in the "PROBE_FAILED" status, and as I mentioned before, the vserver is in the operational status.

sachinga.hcl Tue, 09/30/2008 - 16:49
User Badges:
  • Silver, 250 points or more

show module csm 3 vservers detail


If the CSM cannot determine the port, the probe is not enabled.



send me the output of the detail of the probe :


sho mod csm 4 probe name probe_name detail


change the values in the above command according to your configuration.



If your probe has a status of ???. This is because the CSM failed to determine the destination port to use for sending the probes.


When the probe fails to run (indicated by a status of ???), the real server remains operational.



send me output of


sho mod csm 4 real


Hope I can troubleshoot this for you.


Thanks and regards,



Sachin Garg

Senior Specialist Security

HCL Comnet Ltd.

A-10, Sector 3, Noida- 201301

Mob: 9911757733

Email: [email protected]


omarmontes Tue, 09/30/2008 - 20:24
User Badges:

We are using IOS-SLB. So there is no module. But we just found the answer to our problem. We issued the "advertise active" command in the vserver configuration, so it installs the route to the null interface only if at least one of the real servers is up.


Thanks for the time!

Actions

This Discussion