backup rserver with sticky configured

Unanswered Question
Jul 26th, 2010
User Badges:

Hi,


I would like to ask regarding the configuration for the backup rserver with sticky configured.  /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin:0cm; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:SimSun; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;}

This is not documented in the Cisco guides.


/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin:0cm; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:SimSun; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;}

Suppose the real server1 fails and connections are diverted to server2. Then server1 resumes service. What happens to existing connections on server2 and the new connections?


/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin:0cm; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:SimSun; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;}

serverfarm SFARM1

rserver SERVER1

  backup-rserver SERVER2

  inservice

rserver SERVER2

  inservice standby




  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
yushimaz Mon, 08/02/2010 - 01:34
User Badges:
  • Cisco Employee,

- Existing connections keep accessing server2.


- If a new client request (connection) matches a sticky entry for server2, ACE forwards this request to server2.


ACE looks up sticky entries and use server2 since standby state is handled as UP.


- If a new client request (connection) doesn't match any sticky entry for server2, ACE forwards this request to server1.

If you want to use server1 after coming back OPERATIONAL, I recommend you use 'backup serverfarm' without sticky option as below.
---


serverfarm SFARM1

rserver SERVER1

  inservice


serverfarm SFARM2

rserver SERVER2

  inservice


sticky ip-netmask 255.255.255.255 address both sticky_ip

  serverfarm SFARM1 backup SFARM2

---




The following is a test result of standby rserver and sticky ip.


ACE20a/Admin# sh rserver



rserver              : sv1, type: HOST

state                : OPERATIONAL (verified by arp response)

---------------------------------

                                                ----------connections-----------

       real                  weight state        current    total

   ---+---------------------+------+------------+----------+--------------------

   serverfarm: sf

       192.168.72.11:0       8      PROBE-FAILED 0          2


rserver              : sv2, type: HOST

state                : OPERATIONAL (verified by arp response)

---------------------------------

                                                ----------connections-----------

       real                  weight state        current    total

   ---+---------------------+------+------------+----------+--------------------

   serverfarm: sf

       192.168.72.12:0       8      OPERATIONAL  0          8


ACE20a/Admin#


!___ access from client to ACE vip


ACE20a/Admin# sh sticky database

sticky group : sticky_ip

type         : IP

timeout      : 1440          timeout-activeconns : FALSE

  sticky-entry          rserver-instance                 time-to-expire flags

  ---------------------+--------------------------------+--------------+-------+

  13882423967172020068  sv2:0                            86384          -

!___ ACE learns client address and registers the entry


ACE20a/Admin#

ACE20a/Admin# sh rserver


rserver              : sv1, type: HOST

state                : OPERATIONAL (verified by arp response)

---------------------------------

                                                ----------connections-----------

       real                  weight state        current    total

   ---+---------------------+------+------------+----------+--------------------

   serverfarm: sf

       192.168.72.11:0       8      OPERATIONAL  0          2

!___ return OPERATIONAL


rserver              : sv2, type: HOST

state                : OPERATIONAL (verified by arp response)

---------------------------------

                                                ----------connections-----------

       real                  weight state        current    total

   ---+---------------------+------+------------+----------+--------------------

   serverfarm: sf

       192.168.72.12:0       8      STANDBY      0          9

!___ return STANDBY


ACE20a/Admin# sh sticky database

sticky group : sticky_ip

type         : IP

timeout      : 1440          timeout-activeconns : FALSE

  sticky-entry          rserver-instance                 time-to-expire flags

  ---------------------+--------------------------------+--------------+-------+

  13882423967172020068  sv2:0                            86356          -

!___ ACE keeps sticky entry to server2.

ACE20a/Admin#


!___ access from client with new syn packet


ACE20a/Admin# sh sticky database

sticky group : sticky_ip

type         : IP

timeout      : 1440          timeout-activeconns : FALSE

  sticky-entry          rserver-instance                 time-to-expire flags

  ---------------------+--------------------------------+--------------+-------+

  13882423967172020068  sv2:0                            86389          -

!___ use this sticky entry (time-to-expire flag is reset) and send packets to server2

ACE20a/Admin#


ACE20a/Admin# sh ver | i image

  system image file: [LCP] disk0:c6ace-t1k9-mz.A2_3_1.bin


jsarausos Mon, 08/02/2010 - 02:02
User Badges:

Hi Yushimaz,


Thanks for your insightful and very helpful reply.


However I would like to confirm with you on something:


So when server1 goes to operational, server2 will still take in connections as long as it have an entry in its sticky table database.  Will the server2 stops taking connections once all of its sticky database is cleared?


Thanks!

yushimaz Mon, 08/02/2010 - 19:13
User Badges:
  • Cisco Employee,

Hi jsarausos


When sticky database is cleared by clear sticky database command or timed out,

new connection will forward to server1 but existing connection will keep the connection

to server2 since ACE looks up connection table.


If you use sticky cookie insert feature, you may have to remove cookie by hand or

use browser-expire option since sticky database has never expired.



The following is the behavior after sticky database on ACE is cleared.



ACE20a/Admin# sh sticky database

sticky group : sticky_ip

type         : IP

timeout      : 1440          timeout-activeconns : FALSE

  sticky-entry          rserver-instance                 time-to-expire flags

  ---------------------+--------------------------------+--------------+-------+

  13882423967172020068  sv2:0                            86373          -

!___ primary rserver went down and then ACE learned a sticky entry for sv2.

ACE20a/Admin#

ACE20a/Admin# clear sticky database all

!___ issued clear command to remove all sticky entries

ACE20a/Admin# sh sticky database

ACE20a/Admin#

!___ all entries were cleared and then client sent a new request.

ACE20a/Admin# sh sticky database

sticky group : sticky_ip

type         : IP

timeout      : 1440          timeout-activeconns : FALSE

  sticky-entry          rserver-instance                 time-to-expire flags

  ---------------------+--------------------------------+--------------+-------+

  13882423967172020068  sv1:0                            86395          -

!___ ACE sent this request to server1 and created the entry.

ACE20a/Admin#



Regards,

Yuji

Actions

This Discussion