Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3556
Views
0
Helpful
6
Replies

ACE - drops when traffic goes to backup sfarm

Go to solution
Krzysztof Obara
Level 1
Level 1

‎01-28-2014 02:16 AM

Hello,

Do you have any ideas why ACE drops a lot of packets when primary sfarm is down and all traffic should go to backup sfarm?

I mean about the following statistic:

show serverfarm SFARM detail

...

total conn-dropcount : X <- here

The X number increases when primary sfarm is down but some of traffics are captured by backup sfarm.

In addition, none of resources were exceeded when the first drops appeared.

System version: A2(3.5), ACE module

Regards,

Krzysztof

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Kanwaljeet Singh
Cisco Employee
Cisco Employee
In response to Krzysztof Obara

‎01-28-2014 09:51 AM

Hi Krzysztof,

The back up serverfarm comes into picture when the primary is unavailable. Now if all the real servers have reached their connection limit, then no new connections would be served unless the connections fall below the minimum limit configured. But that doesn't cause the ACE to redirect the new connections to backup serverfarm.The default behavior for ACE is to failover when all real servers are down in a serverfarm or you have configured partial serverfarm failover. Below is from user guide:

 A partial server farm failover allows you to specify a failover threshold using the partial-threshold command. The first value that you specify for this command is a percentage of the real servers in a server farm that must remain active for the server farm to stay up. Each time that a server is taken out of service (for example, using the CLI, a probe failure, or the retcode threshold is exceeded), the ACE is updated. If the percentage of active real servers in a server farm falls below the specified threshold, the primary server farm fails over to the backup server farm (if configured).

Regards,

Kanwal

With partial server farm failover configured, the ACE allows current connections on the remaining active servers in the failed primary server farm to complete and redirects any new connection requests to the backup server farm.

To bring the primary server farm back into service, you specify another threshold value for the back-inservice

keyword. When the number of active servers is greater than the configured value for this keyword, the ACE places the primary server farm back in service.

To disable a partial server farm failover and return the ACE behavior to the default of failing over to the backup server (if configured) if all real servers in the server farm go down, enter:

host1/Admin(config-sfarm-host)#

no partial-threshold

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Kanwaljeet Singh
Cisco Employee
Cisco Employee

‎01-28-2014 06:20 AM

HI Krzysztof,

When the primary serverfarm goes down, it means that all real servers in the farm are down so all the existing connections are dropped and all new connections loadbalanced to backup serverfarm. If there was no backup serverfarm ACE would RST the new connections as well.

Regards,

Kanwal

0 Helpful

Go to solution
Krzysztof Obara
Level 1
Level 1
In response to Kanwaljeet Singh

‎01-28-2014 06:58 AM

Thank you Kanwal for your answer.

I agree but is it a result of using failaction purge?

I don't have that option enabled.

And how to overcome that situation to keep connections established?

Regards,

Krzysztof

0 Helpful

Go to solution
Kanwaljeet Singh
Cisco Employee
Cisco Employee
In response to Krzysztof Obara

‎01-28-2014 07:04 AM

Hi Krzysztof,

When a client sends a request to VIP, ACE forwards it to the real server. Now, if that real server itself is down, there is no way to fail-over that connection to another server. There are two different servers we have here. So when your primary serverfarm goes down because of all real servers going down, the existing connections have to be dropped. They cannot failover to secondary/backup serverfarm with different real servers. The  server in back up serverfarm would have no idea of anything going on between ACE/CLIENT and old real server which is down and it will RST any packet coming towards it except the SYN.

Regards,

Kanwal

0 Helpful

Go to solution
Krzysztof Obara
Level 1
Level 1
In response to Kanwaljeet Singh

‎01-28-2014 09:22 AM

Hi Kanwal,

Sorry, I forgot to add (in my first post), that primary sfarm has connection limit set for each rservers so all rservers are still up but conn-limit should redirect new traffic to backup sfarm.

Do you think .. a good solution for that would be a redirect backup sfarm?

Kind of regards,

Krzysztof

0 Helpful

Go to solution
Kanwaljeet Singh
Cisco Employee
Cisco Employee
In response to Krzysztof Obara

‎01-28-2014 09:51 AM

Hi Krzysztof,

The back up serverfarm comes into picture when the primary is unavailable. Now if all the real servers have reached their connection limit, then no new connections would be served unless the connections fall below the minimum limit configured. But that doesn't cause the ACE to redirect the new connections to backup serverfarm.The default behavior for ACE is to failover when all real servers are down in a serverfarm or you have configured partial serverfarm failover. Below is from user guide:

 A partial server farm failover allows you to specify a failover threshold using the partial-threshold command. The first value that you specify for this command is a percentage of the real servers in a server farm that must remain active for the server farm to stay up. Each time that a server is taken out of service (for example, using the CLI, a probe failure, or the retcode threshold is exceeded), the ACE is updated. If the percentage of active real servers in a server farm falls below the specified threshold, the primary server farm fails over to the backup server farm (if configured).

Regards,

Kanwal

With partial server farm failover configured, the ACE allows current connections on the remaining active servers in the failed primary server farm to complete and redirects any new connection requests to the backup server farm.

To bring the primary server farm back into service, you specify another threshold value for the back-inservice

keyword. When the number of active servers is greater than the configured value for this keyword, the ACE places the primary server farm back in service.

To disable a partial server farm failover and return the ACE behavior to the default of failing over to the backup server (if configured) if all real servers in the server farm go down, enter:

host1/Admin(config-sfarm-host)#

no partial-threshold

0 Helpful

Go to solution
Krzysztof Obara
Level 1
Level 1
In response to Kanwaljeet Singh

‎01-28-2014 02:03 PM

Thank you Kanwal for explaination

That feature looks great and it seems that properly mixing conn-limit with partial-threshold can give a very good result and properly redirect traffic to backup sfarm.

Regards,

Krzysztof

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents