CS-150-LAN extra content rule disables all access to website

Unanswered Question
Sep 21st, 2005
User Badges:

We have a CS-150-LAN Content switch with software version 6.10Build203. Yesterday for no apparent reason we lost connectivity to our website through our CSS. To get around this issue we removed all content rules except for the "everything-else" rule.


owner http://www.acmi.net.au


content AIC

add service acmi-web3

url "//www.acmi.net.au/AIC*"

protocol tcp

port 80

vip address 203.14.59.174


content everything-else

add service acmi-web1

vip address 203.14.59.174

protocol tcp

port 80

active


owner http://www.vceart.com


content everything

add service acmi-web3

vip address 203.14.59.175

protocol tcp

port 80

active


What is happening now is that when l create an addional content rule it then times out all connections to our website http://www.acmi.net.au. If l suspend the additional rule "AIC" the website comes back online. We need these additional content rules for accessing subsites. Please help.


Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Gilles Dufour Wed, 09/21/2005 - 23:04
User Badges:
  • Cisco Employee,

Could you get a 'sho service summary' and 'show summary'.

Are your content rules and services all active ?


Was this config working before or since day one, as soon as you configure rule AIC everything fails ?


Could you try to add 'url "/*"' to your everything rule and also add 'no persistent' to all rules.

Finally add the global command 'persistence reset remap' to allow transparent remapping from one service to the other.


Thanks,


Gilles.

simon-galloway Thu, 09/22/2005 - 19:13
User Badges:

Here are the sho service summary and show summmary outputs


Owner Content Rules State Services Service Hits


www.acmi.net.au AIC Suspended acmi-web3 6


everything-else Active acmi-web1 243

acmi-web2 340



www.vceart.com everything Active acmi-web3 23




sec-css-11150# sh service summary


Service Name State Conn Weight Avg State Idx

Load Transitions


acmi-web1 Alive 2 1 2 2 2

acmi-web2 Alive 9 1 23 2 3

acmi-web3 Alive 1 1 17 2 4


The content rule AIC is suspended because if l activate it, it then makes the website www.acmi.net.au unreachable and timesout.


This config was working from day one with the AIC content rule and about another 9 content rules under the owner www.acmi.net.au


If l add the url "/*" command to the content rule "everything-else this also hangs the site www.acmi.net.au

Gilles Dufour Fri, 09/23/2005 - 04:26
User Badges:
  • Cisco Employee,

so what did you change between the moment it was working and the moment it did not ?


Was the CSS rebooted since you made all these changes ?


When it hangs, did you capture a sniffer trace to see if the traffic is forwarded to the server ?


Do you have 'sho summary' showing which rule is being hit when you try to access the website ? [which counter is increasing ?]


Regards,


Gilles.

simon-galloway Tue, 10/25/2005 - 21:17
User Badges:

We had changed nothing prior to this issue.


We have rebooted it acouple of times but this did nothing.


To resolve this issue we had to modify the vip address of the owner rule. The original address had no previous conflicts for that address. ?? We still cannot work out what went wrong. Sorry for the delay in returning your response.

Actions

This Discussion