cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2249
Views
5
Helpful
11
Replies

ACE load balancing issue

nehakulsum
Level 1
Level 1

Hi,

I have ACE module and 2 servers the problem i am facing is only one server is been serviced by ACE the other server is not getting much traffic at all.

One server gets hit most of the time like 3 pkts goes to server 1 and 1 pkt goes to server 2.

Could anyone tell me why is this issue that unequal load balancing is occoring on my device.

Thanks in advance.

11 Replies 11

dario.didio
Level 4
Level 4

Hi,

Did you configure a weight for each server?

What loadbalancing method are you using? Round-robin (default), least conns?

Can you post your config and the output of "show service-policy name_of_policy" and "show serverfarm name_of_serverfarm"

Hi,

I've got the same issue with the ACE module. All the outputs show that the load is evenly distributed, but the load of the first server is twofold from the second. Here's the configuration.

access-list ALL line 10 extended permit ip any any

probe dns DNS_PROBE

domain http://www.online.kz

expect address 89.218.40.131

probe icmp ICMP_PROBE

interval 10

rserver host DNS-118-1

ip address 10.0.0.1

inservice

rserver host DNS-118-2

ip address 10.0.0.2

inservice

serverfarm host DNS

probe DNS_PROBE

rserver DNS-118-1

inservice

rserver DNS-118-2

inservice

class-map match-any CLASS_MAP

2 match virtual-address 10.0.0.3 tcp eq domain

3 match virtual-address 10.0.0.3 udp eq domain

policy-map type loadbalance first-match L7_LOADB

class class-default

serverfarm DNS

policy-map multi-match L3L4_LOADB

class CLASS_MAP

loadbalance vip inservice

loadbalance policy L7_LOADB

loadbalance vip icmp-reply active

loadbalance vip advertise active

nat dynamic 1 vlan 118

service-policy input L3L4_LOADB

interface vlan 118

bridge-group 118

no icmp-guard

access-group input ALL

access-group output ALL

nat-pool 1 10.0.0.3 10.0.0.3 netmask 255.255.255.255 pat

no shutdown

interface bvi 118

ip address 10.0.0.4 255.255.255.240

alias 10.0.0.5 255.255.255.240

peer ip address 10.0.0.6 255.255.255.240

no shutdown

ft interface vlan 120

ip address 10.245.10.33 255.255.255.248

peer ip address 10.245.10.34 255.255.255.248

no shutdown

ft peer 1

heartbeat interval 300

heartbeat count 10

ft-interface vlan 120

ft group 1

peer 1

priority 150

associate-context Admin

inservice

ip route 0.0.0.0 0.0.0.0 10.0.0.254

here's the output of

sh serverfarm det

serverfarm : DNS, type: HOST

total rservers : 2

active rservers: 2

description : -

state : ACTIVE

predictor : ROUNDROBIN

failaction : -

back-inservice : 0

partial-threshold : 0

num times failover : 0

num times back inservice : 0

total conn-dropcount : 0

Probe(s) :

DNS_PROBE, type = DNS

---------------------------------

----------connections-----------

real weight state current total failures

---+---------------------+------+------------+----------+----------+---------

rserver: DNS-118-1

10.0.0.1:0 8 OPERATIONAL 206 127901 1

max-conns : - , out-of-rotation count : -

min-conns : -

conn-rate-limit : - , out-of-rotation count : -

bandwidth-rate-limit : - , out-of-rotation count : -

retcode out-of-rotation count : -

load value : 0

rserver: DNS-118-2

10.0.0.2:0 8 OPERATIONAL 230 212332 4

max-conns : - , out-of-rotation count : -

min-conns : -

conn-rate-limit : - , out-of-rotation count : -

bandwidth-rate-limit : - , out-of-rotation count : -

retcode out-of-rotation count : -

load value : 0

here's the output of

sh service-policy L3L4_LOADB detail

Status : ACTIVE

Description: -----------------------------------------

Context Global Policy:

service-policy: L3L4_LOADB

class: CLASS_MAP

nat:

nat dynamic 1 vlan 118

curr conns : 325 , hit count : 340457

dropped conns : 5

client pkt count : 2697687 , client byte count: 179735431

server pkt count : 2694477 , server byte count: 535957631

conn-rate-limit : 0 , drop-count : 0

bandwidth-rate-limit : 0 , drop-count : 0

VIP Address: Protocol: Port:

10.0.0.3 tcp eq 53

10.0.0.3 udp eq 53

loadbalance:

L7 loadbalance policy: L7_LOADB

VIP Route Metric : 77

VIP Route Advertise : ENABLED-WHEN-ACTIVE

VIP ICMP Reply : ENABLED-WHEN-ACTIVE

VIP State: INSERVICE

curr conns : 325 , hit count : 340462

dropped conns : 5

client pkt count : 2697687 , client byte count: 179735431

server pkt count : 2694477 , server byte count: 535957631

conn-rate-limit : 0 , drop-count : 0

bandwidth-rate-limit : 0 , drop-count : 0

L7 Loadbalance policy : L7_LOADB

class/match : class-default

LB action: :

primary serverfarm: DNS

state: UP

backup serverfarm : -

hit count : 340457

dropped conns : 0

Hi,

both your servers are serving at the moment of the output more or less equally used:

real weight state current total failures

---+---------------------+------+------------+----------+----------+---------

rserver: DNS-118-1

10.0.0.1:0 8 OPERATIONAL 206 127901 1

rserver: DNS-118-2

10.0.0.2:0 8 OPERATIONAL 230 212332 4

server DNS-118-1 has 206 current connections, server DNS-118-2 has 230 current connections.

try clearing the counters and see if they remain more or less equal.

clear serverfarm DNS

HTH,

Dario

I tried to clear counters. They always remain equal, but the actual information is nothing compared to the output. Servers' logs show that one of them is twice as loaded as the first one.

Before I upgraded ACE software to 3.0(0)A2(1.4a) the situation was even worse. The load of the second server was 10x of the first one along with the same configuration.

DanilZhig
Level 1
Level 1

I have resolved this issue. In my realisation there are 2 DNS servers - so the ACE deals with UDP flows. ACE can inadequately interpret UDP flows and assign multiple flows to one for some reason. This leads to uneven loadbalancing.

I configured Layer 7 loadbalancing policy for my serverfarm as "generic". Then I applied class this Layer 7 policy inside Layer 4 policy along with "loadbalance vip udp-fast-age". This command seems to correct the issue.

Thank you for posting what solved the issue. This is very good for the forum that we have the possibility of learning from what other people have dealt with.

Rgds, Ingolf

Hi,

I have similar problems with syslog server. Clients is sending out multiple message using the same source, and the ACE4710 couldn't load balance at all.

I have tried UDP-Fast-Aging and the latest software A3(2.4) with no result.

Any one have any idea?

Thanks

Luki

Hi Jimmy,

i think it have no sense to put fast age and timeout conn of 120 seconds (is the default).

Try to remove conn map and say us if you have resolved issue.

BR

Danilo

Hi Danilo,

Thanks for the reply. I have tried to remove that connection parameter, but it still showing the same symptom.

I've tried to change the topology to L3 too, but still, same result.

Thanks.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: