cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
755
Views
0
Helpful
4
Replies

ACE Sticky Slow-Start License

aeliu
Level 1
Level 1

Hi,all,

I am testing ACE module@7606,

system image file: [LCP] disk0:c6ace-t1k9-mz.A2_1_1_69.bin

installed license: ACE-SSL-05K-K9.

I wanta know if it is caused by license,Please help~~:)

Phenomenon:

1. Client sends a HTTP request to server

2. server returns a HTTP response to Client, the response contains a HTTP URL and HTTP body, server sends HTTP URL first, then sends HTTP body right now.

3. Client receives the HTTP URL first, after about 200ms, Client receives the HTTP body.

. Root cause:

1. If ACE receives the HTTP URL from rserver, it forwards the URL to Client. Then ACE will wait for a TCP ACK from client, before ACE receive the TCP ACK from client, it will not forward the HTTP body following to Client, the action is caused by TCP Slow Start algorithm. Windows Client will send the TCP ACK to ACE after about 200ms(40ms for Linux), the action is caused by TCP Delayed ACK algorithm. So from client side, it costs more than 200ms(or 40ms) to receive the entire HTTP response.

. Solution:

1. Disable Slow Start algorithm to VIP on ACE

. Existing Issue:

1. After disable Slow Start algorithm, the response time will be normal if Client access WAPI by VIP with SSL(means HTTPS). But the issue still exist if Client access server by VIP without SSL(means HTTP).

2. I associate a policy of stickiness to VIP, both SSL and non-SSL. If I remove the policy of stickiness, the response time will be normal. It seems the policy of stickiness will make Slow Start algorithm enable.

1 Accepted Solution

Accepted Solutions

It should work.

Send your complete config and sniffer trace.

Also, since your internal cisco employee why don't you try our internal alias ??

G.

View solution in original post

4 Replies 4

Gilles Dufour
Cisco Employee
Cisco Employee

slowstart is disabled by default on ACE.

switch/Admin# show parameter-map AllowMss

Parameter-map : AllowMss

Type : connection

nagle : disabled

slow start : disabled

buffer-share size : 32768

inactivity timeout (seconds) : TCP: 3600, UDP: 120, ICMP: 2

embryonic timeout (seconds) : 5

ack-delay (milliseconds) : 200

But the ack-delay is indeed 200msec.

Try to set the ack-delay to a lower value and see if that improves the situation.

Gilles.

Thank you Gilles,

I changed ack-delay to 1, not work; seems ace take 200ms to waitting for client's response

aeneas

It should work.

Send your complete config and sniffer trace.

Also, since your internal cisco employee why don't you try our internal alias ??

G.

client 10.224.170.51

Vip 10.224.179.20

Nat address 10.224.179.210

Rserver 10.224.178.20

begin with No.519 in Capture file

:) I am not sure which alias best be post, thought this will be more convenient

Aeneas

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: