Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
455
Views
0
Helpful
3
Replies

ACE class-map match operation

KAROLY KOHEGYI
Level 2
Level 2

‎11-17-2008 05:31 AM

Hi,

Below the base configuration which worked properly. The stressed tcp port connections were forwarded to server B while

any other connections were forwarded to server A by ACE.

rserver A

rserver B

Serverfarm A

rserver A

Serverfarm B

rserver B

class-map A

2 match virtual-address 1.1.1.1 any

class-map B

2 match virtual-address 1.1.1.1 tcp eq 80

3 match virtual-address 1.1.1.1 tcp eq 81

4 match virtual-address 1.1.1.1 tcp eq 82

5 match virtual-address 1.1.1.1 tcp eq 83

6 match virtual-address 1.1.1.1 tcp eq 84

.

.

16 match virtual-address 1.1.1.1 tcp eq 94

policy-map load-balance A

serverfarm A

policy-map load-balance B

serverfarm B

policy-map multi-match

class B

load-balance policy B

class A

load-balance policy A

-----------------------------------------------

After below modification the tcp port 101 connections were forwarded to server A although

it must be forwarded to Server B.

class-map B

17 match virtual-address 1.1.1.1 tcp eq 100

18 match virtual-address 1.1.1.1 tcp eq 101

I had to clear the multi-match policy and rebuild again for correct operation.

Because we will have to do same configurations ( expanding the class-map B with TCP ports ) in the config on the future i would like to know what would be happened in the ACE.

Thank in advance!

Labels:
0 Helpful
3 Replies 3

Gilles Dufour
Cisco Employee
Cisco Employee

‎11-17-2008 08:02 AM

what version ?

0 Helpful

KAROLY KOHEGYI
Level 2
Level 2
In response to Gilles Dufour

‎11-17-2008 08:06 AM

Hi,

Software

loader: Version 12.2[120]

system: Version A2(1.1) [build 3.0(0)A2(1.1) adbuild_00:25:02-2008/06/05_/auto/adbu-rel3/rel_a2_1_1_throttle/REL_3_0_0_A2_1_1]

system image file: [LCP] disk0:c6ace-t1k9-mz.A2_1_1.bin

installed license: no feature license is installed

0 Helpful

KAROLY KOHEGYI
Level 2
Level 2

‎11-24-2008 06:15 AM

Hi,

the above mentioned situation apeared again.

now the rebuild does not help.

the class map

class-map match-any SZERBSMS

2 match virtual-address 10.42.4.1 tcp eq 5700

3 match virtual-address 10.42.4.1 tcp eq 5660

policy-map type loadbalance first-match SZERB-SMS

class class-default

serverfarm SZERBSMS

rserver host SZERBSMS

ip address 192.168.40.97

inservice

show conn output

Lajos-ACE/Admin# show conn | i 5660

2695 1 in TCP 73 129.3.1.189:1767 10.42.4.1:5660 ESTAB

5460 1 out TCP 91 192.168.40.97:5660 129.3.1.189:1767 ESTAB

Lajos-ACE/Admin# show conn | i 5700

3003 2 in TCP 73 129.3.1.189:1768 10.42.4.1:5700 ESTAB

1901 2 out TCP 94 192.168.40.185:5700 129.3.1.189:1768 ESTAB

there is not any other rule which uses the tcp 5700 port and no other VIP setting for 10.42.4.1 and any.

in spite of above every incoming connections to tcp 5700 are forwarded by ACE to wrong rserver.

very urgent!

Thanks

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents