ACE VIP when using sticky and all servers offline does refuse TCP connect

Unanswered Question
Nov 5th, 2009
User Badges:

If the VIP uses a serverfarm and all servers are down, the TCP connections to the VIP are refused. Good.

If I use the same serverfarm in a sticky-serverfarm then the TCP connections to the VIP are not refused.

Are there anything that can be done to make it work the same for sticky as for non-sticky.

We run A2(1.3) software.

Relevant config:

parameter-map type http http_parameter_map


rserver host alp-kunde-004

ip address


rserver host alp-kunde-005

ip address


serverfarm host HTTP-back.kunde.com12100

probe Probe-HTTP12100

rserver alp-kunde-004 12100


rserver alp-kunde-005 12100


sticky http-cookie ACE-COOKIE STICKY-HTTP-back.kunde.com12100

cookie insert browser-expire

replicate sticky

serverfarm HTTP-back.kunde.com12100

class-map match-all HTTP-Inbound-back.kunde.com_TCP12100

2 match virtual-address x.x.x.x tcp eq 12100

policy-map type loadbalance first-match Forward-to-RealServer-back12100

class class-default

sticky-serverfarm STICKY-HTTP-back.kunde.com12100

policy-map multi-match TRAFFIC-TO-VIP

class HTTP-Inbound-back.kunde.com_TCP12100

loadbalance vip inservice

loadbalance policy Forward-to-RealServer-back12100

loadbalance vip icmp-reply active

nat dynamic 58 vlan 1870

appl-parameter http advanced-options http_parameter_map

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Gilles Dufour Thu, 11/05/2009 - 23:51
User Badges:
  • Cisco Employee,

Your sticky setup makes the connection L7.

So we spoof the connection and will always terminate it.

Which means we will always complete the TCP 3-way handshake, wait for the data from the client and then try to locate a server.

Only then we see there is no server available and we close the connection.

If you change your sticky rule to sticky source ip, you then keep the rule as L4 instead of L7 and we can detect the server down with the first SYN.



This Discussion