Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2435
Views
0
Helpful
5
Replies

ACE sticky problem

chris
Level 1
Level 1

‎03-14-2011 08:12 AM

Hi,

I have an issue with sticky server that I’m hope might just be a command I’m missing.

I am inserting a cookie and the sticky works fine.

When my browser has a successful sticky connection i take the server that has the sticky connection out of service. I try to make another connection, i see the connection round robin to all remaining servers but i don’t get a successful connection i do see the connection failure count increment on all other servers in the farm. Only when i bring the server back into service can i get a successful connection.

Any advice appreciated.

Sticky config below.

sticky http-cookie WEB-Cookie-1 WEB-Sticky-1
  cookie insert
  serverfarm WEB-SERVERS-80

Code

Version A3(2.0) [build 3.0(0)A3(2.0

Thanks

Chris

Labels:
0 Helpful
5 Replies 5

stmccabe
Cisco Employee
Cisco Employee

‎03-14-2011 08:51 PM

Hello Chris, This will be an easy fix for you.  The command you are looking for is defined under the serverfarm inwhich you are creating sticky entries against.. You need to add a failaction.. I'm pasting the command syntax and options for the command.. Based on your breif description failaction purge will give you the desired result:

(config-sfarm-host) failaction

To configure the action that the ACE takes if a real server in a server farm goes down, use the failaction command. Use the no form of this command to reset the ACE to its default of taking no action when a server fails.

failaction {purge | reassign [across-interface]}

no failaction

Syntax Description

purge

Specifies that the ACE remove the connections to a real server if that  real server in the server farm fails after you configure this command.  The appliance sends a reset (RST) both to the client and to the server  that failed.

reassign

Specifies that the ACE reassigns existing server connections to the  backup real server, if a backup real server is configured. If no backup  real server is configured, this keyword has no effect.

across-interface

(Optional) Instructs the ACE to reassign all connections from the failed  real server to a backup real server on a different VLAN that is  commonly referred to as a bypass VLAN. By default, this feature is  disabled.

0 Helpful

chris
Level 1
Level 1
In response to stmccabe

‎03-15-2011 03:56 AM

Hi Stmccabe

Thanks for the response unfortunately it hasn’t fixed my issue.

I have done some further investigation, subsequent connection from my browsers hit the ACE and increment the failure count on all other servers in the farm but i don’t believe any request is being sent to the farm.

If i delete my cookie from the browser i then get a successful connection to another server.

So i believe that the ACE is receiving my request, load balancing it to other servers in the farm and then rejecting the connection because the cookie value doesn’t apply to that server.

How do i work around this, have i not configured it correctly or is it a bug?

Thanks

Chris

0 Helpful

kashman37
Level 1
Level 1
In response to chris

‎03-15-2011 05:58 AM

Hi Chris,

you can try to add "cookie insert browser-expire" so the coockie expires everytime the user closes the browser. This will make sure that the new request will stick to another server and not the server that is out of service.

Code:


sticky http-cookie WEB-Cookie-1 WEB-Sticky-1
cookie insert browser-expire
serverfarm WEB-SERVERS-80

If you want to avoid this problem you will need to wait for all the connection to complete after you gracefully shut down your server. Otherwise, if you have ssl and take rserver in server-farm outofservice while connections are active you will get disconnections and no service. On the other hand, if you dont have SSL configured and you take the rserver in server-farm outofservice, ACE will serve all current connections and will stop accepting new ones. So drain your server ahead of time if you have SSL Configured.

I think there is a way to put the rserver in serverfarm "inservice standby" this will not cause SSL connections to loose service rather it will gracefully shutdown the server allowing the SSL connection to finish and not accept new connections.

I hope it helps.

0 Helpful

chris
Level 1
Level 1
In response to kashman37

‎03-15-2011 09:14 AM

Kashman37,

Thanks for the suggestion, but same issue occurrs when i have the command present, i'm going for a software upgrade to rule that out.....

0 Helpful

chris
Level 1
Level 1
In response to chris

‎03-17-2011 08:19 AM

Quick update to say that upgrading the software fixed the issue, no alteration to configuration was required, thanks all for input and suggestions.

Chris

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents