i've got a pretty strange problem with load balancing with some l4payload criteria. i'll show you configuration (DNS stuff):
class-map type generic match-any dns_regex
5 match layer4-payload offset 20 regex ".*corp100.100.*"
class-map type generic match-any dns_regex2
5 match layer4-payload offset 20 regex ".*corp099.100.*"
class-map match-all DNS_VIP
5 match virtual-address 192.168.1.100 udp eq domain
parameter-map type dns DAS_TEST
timeout query 2
policy-map type loadbalance generic first-match dns_regex
loadbalance vip inservice
loadbalance policy dns_regex
loadbalance vip icmp-reply active
appl-parameter dns advanced-options DAS_TEST
inspect dns maximum-length 2048
quite easy...configuration, quite hard behaviour .
if i do first query with stuff like corp099.100 all works and i can see some hit on service policy. Strange thing is that if i do query with corp100.100 i cannot see any new hit on other server farm, most strange is that if i do a query for corp091.100 all works (is not allowed from class-map)....so if i perform a clear conn all and i try again to query to corp091.100 does'n't work. Odd again, if i do another query to allowed regex expression like corp100.100 all works (of course) and if i try again to unallowed query i can perform it. So if a conn is open other connection use same socket or it seems so...
DO you thing is a bug?
PS: ace module release A2.1(0)