Solved: ACE dynamic configuration

michaelhostbaek · ‎08-04-2014

Hi group,

First off, thanks for the many insightful comments and answers that can be found on this forum.

I am using a Cisco ACE for load-balancing my website, the current configuration looks something like this:

probe tcp PROBE_TCP
port 80
interval 5

rserver host ns123
ip address 172.16.0.50
conn-limit max 50000 min 40000
inservice
rserver host ns124
ip address 172.16.0.40
conn-limit max 50000 min 40000
inservice
rserver host ns125
ip address 172.16.0.30
conn-limit max 50000 min 40000
inservice

serverfarm host FARM_WEB
predictor leastconns
probe PROBE_TCP
rserver ns123
inservice
rserver ns124
inservice
rserver ns125
inservice

parameter-map type http HTTP_PARAMETER_MAP
case-insensitive
persistence-rebalance
set header-maxparse-length 65535
set content-maxparse-length 65535
length-exceed continue
parsing non-strict

sticky http-cookie ACE-Insert web-sticky
cookie insert browser-expire
serverfarm FARM_WEB
timeout 5

class-map match-all L4-WEB-IP
2 match virtual-address [my ip] tcp eq www

policy-map type loadbalance http first-match WEB_L7_POLICY
class class-default
sticky-serverfarm web-sticky
insert-http x-forward header-value "%is"

policy-map multi-match WEB-to-vIPs
class L4-WEB-IP
loadbalance vip inservice
loadbalance policy WEB_L7_POLICY
loadbalance vip icmp-reply active
nat dynamic 1 vlan [my vlan]
appl-parameter http advanced-options HTTP_PARAMETER_MAP

[and some interface stuff]

Everything works as it should!! Pheew :-)

Now, I'd like to introduce another device into this scenario (a varnish cache server) - and if the varnish cache server (let's call this vc130) is up and running, it should send all traffic to this server - if the varnish cache server is down, on not replying on port 80 - it should fall back to this current scenario.

Is this at all possible with the Cisco ACE? If so, can someone point into the right direction in setting this up?

Many thanks,

Mike

system image file: [LCP] disk0:c6ace-t1k9-mz.A5_2_2.bin

Kanwaljeet Singh · ‎08-04-2014

Hi Mike,

So you will configure a new serverfarm, add real servers etc and put that serverfarm as backup serverfarm under L7 policy map. So let's say you have serverfarm "test" which you want as back up.

policy-map type loadbalance http first-match WEB_L7_POLICY
class class-default
sticky-serverfarm web-sticky backup test------>This is where you will specify the backup serverfarm.
insert-http x-forward header-value "%is"

Nothing else needs to be done. You will have probes etc in the same way as you have for regular serverfarm. For more details please visit the below link:

http://www.cisco.com/c/en/us/td/docs/interfaces_modules/services_modules/ace/vA4_2_0/configuration/slb/guide/slbcfggd/rsfarms.html#wp1050058

Let me know if you have any questions.

Regards,

Kanwal

Note: Please mark answers if they are helpful.

View solution in original post

Kanwaljeet Singh · ‎08-06-2014

Hi Michael,

Yes, you can use backup command under sticky group and specify the backup serverfarm there with sticky keyword. But remember if you have sticky configured for backup serverfarm, even when the primary serverfarm comes back as "operational", the connections which have sticky entry in DB for servers in backup serverfarm, will continue to be served by the backup serverfarm.

If your primary serverfarm is APP1-SF1 & Backup serverfarm is APP1-SF2

you need to configure....

sticky ip-netmask 255.255.255.255 address source APP1-sticky

timeout 60

serverfarm APP1-SF1 backup App1-SF2 sticky--->This will ensure that sticky is applied to backup serverfarm too.

For more details please visit the below link:

http://www.cisco.com/c/en/us/td/docs/interfaces_modules/services_modules/ace/vA4_2_0/configuration/slb/guide/slbcfggd/sticky.html#wp1137791

Section: Backup Server Farm Behavior with Stickiness

Regards,

Kanwal

Note: Please mark answers if they are helpful

View solution in original post

Kanwaljeet Singh · ‎08-04-2014

Hi Michael,

I am not sure i get your question here. You want to add another server in the serverfarm or you want another serverfarm and that serverfarm should handle everything but if that goes down, the traffic shall fall back to this one. Yes, that can be done using "backup serverfarm" configuration but i am not sure if that is what you are looking for. I did not get the requirement here. Kindly explain it and i will be glad to help.

Regards,

Kanwal

Note: Please mark answers if they are helpful.

michaelhostbaek · ‎08-04-2014

Hi Kanwal,

Thanks for your reply!

That's exactly what I want do, so I create another farm (like FARM_WEB) and I set the current one as backup farm?

Do you have an example on how this is configured?

Also, what is the minimum convergence time that can we setup?

Many thanks,

Mike

Kanwaljeet Singh · ‎08-04-2014

Hi Mike,

So you will configure a new serverfarm, add real servers etc and put that serverfarm as backup serverfarm under L7 policy map. So let's say you have serverfarm "test" which you want as back up.

policy-map type loadbalance http first-match WEB_L7_POLICY
class class-default
sticky-serverfarm web-sticky backup test------>This is where you will specify the backup serverfarm.
insert-http x-forward header-value "%is"

Nothing else needs to be done. You will have probes etc in the same way as you have for regular serverfarm. For more details please visit the below link:

http://www.cisco.com/c/en/us/td/docs/interfaces_modules/services_modules/ace/vA4_2_0/configuration/slb/guide/slbcfggd/rsfarms.html#wp1050058

Let me know if you have any questions.

Regards,

Kanwal

Note: Please mark answers if they are helpful.

michaelhostbaek · ‎08-06-2014

Hello again,

How about the sticky cookie:

sticky http-cookie ACE-Insert web-sticky
cookie insert browser-expire
serverfarm FARM_WEB
timeout 5

should I create something similar for the BACKUP_FARM ?
or can I add several FARMS to the same sticky section?

thanks,

Kanwaljeet Singh · ‎08-06-2014

Hi Michael,

Yes, you can use backup command under sticky group and specify the backup serverfarm there with sticky keyword. But remember if you have sticky configured for backup serverfarm, even when the primary serverfarm comes back as "operational", the connections which have sticky entry in DB for servers in backup serverfarm, will continue to be served by the backup serverfarm.

If your primary serverfarm is APP1-SF1 & Backup serverfarm is APP1-SF2

you need to configure....

sticky ip-netmask 255.255.255.255 address source APP1-sticky

timeout 60

serverfarm APP1-SF1 backup App1-SF2 sticky--->This will ensure that sticky is applied to backup serverfarm too.

For more details please visit the below link:

http://www.cisco.com/c/en/us/td/docs/interfaces_modules/services_modules/ace/vA4_2_0/configuration/slb/guide/slbcfggd/sticky.html#wp1137791

Section: Backup Server Farm Behavior with Stickiness

Regards,

Kanwal

Note: Please mark answers if they are helpful

michaelhostbaek · ‎08-06-2014

oh, and the backup command did not work:

sticky-serverfarm web-sticky backup VARNISH

% long command detected at '^' marker.

Kanwaljeet Singh · ‎08-06-2014

Hi Michael,

I am able to do it. It seems you are not able to add the backup serverfarm under L7 policy map. Did you add the backup serverfarm for sticky too? Can you share the exact configuration and errors you are getting.

Regards,

Kanwal

Note: Please mark answers if they are helpful