ACE error: Maximum 10 http header map is allowed per policy

net-harry · ‎09-19-2009

Hi,

I get the error above when I try to add additional sticky serverfarms to a policy map on our ACE 4710s:

sticky http-cookie ACE-PROJECT1 PROJECT1-SERVERFARM-STICKY

cookie insert browser-expire

timeout 60

serverfarm PROJECT1-SERVERFARM

sticky http-cookie ACE-PROJECT2 PROJECT2-SERVERFARM-STICKY

cookie insert browser-expire

timeout 60

serverfarm PROJECT2-SERVERFARM

sticky http-cookie ACE-PROJECT3 PROJECT3-SERVERFARM-STICKY

cookie insert browser-expire

timeout 60

serverfarm PROJECT3-SERVERFARM

sticky http-cookie ACE-PROJECT4 PROJECT4-SERVERFARM-STICKY

cookie insert browser-expire

timeout 60

serverfarm PROJECT4-SERVERFARM

sticky http-cookie ACE-PROJECT5 PROJECT5-SERVERFARM-STICKY

cookie insert browser-expire

timeout 60

serverfarm PROJECT5-SERVERFARM

sticky http-cookie ACE-PROJECT6 PROJECT6-SERVERFARM-STICKY

cookie insert browser-expire

timeout 60

serverfarm PROJECT6-SERVERFARM

sticky http-cookie ACE-PROJECT7 PROJECT7-SERVERFARM-STICKY

cookie insert browser-expire

timeout 60

serverfarm PROJECT7-SERVERFARM

class-map match-all PROJECT-NONPROD-CLASS

2 match virtual-address x.x.x.x tcp eq https

class-map match-all PROJECT-NONPROD-CLASS-REDIRECT

2 match virtual-address x.x.x.x tcp eq www

class-map type http loadbalance match-all PROJECT4-HOST-HEADER-CLASS

2 match http header Host header-value "PROJECT4.examples.com"

class-map type http loadbalance match-all PROJECT5-HOST-HEADER-CLASS

2 match http header Host header-value "PROJECT5.examples.com"

class-map type http loadbalance match-all PROJECT6-HOST-HEADER-CLASS

2 match http header Host header-value "PROJECT6.examples.com"

class-map type http loadbalance match-all PROJECT1-HOST-HEADER-CLASS

2 match http header Host header-value "PROJECT1.examples.com"

class-map type http loadbalance match-all PROJECT2-HOST-HEADER-CLASS

2 match http header Host header-value "PROJECT2.examples.com"

class-map type http loadbalance match-all PROJECT3-HOST-HEADER-CLASS

2 match http header Host header-value "PROJECT3.examples.com"

class-map type http loadbalance match-all PROJECT7-HOST-HEADER-CLASS

2 match http header Host header-value "PROJECT7.examples.com"

policy-map type loadbalance first-match PROJECT-NONPROD-LOADBALANCE-POLICY

class PROJECT1-HOST-HEADER-CLASS

sticky-serverfarm PROJECT1-SERVERFARM-STICKY

class PROJECT2-HOST-HEADER-CLASS

sticky-serverfarm PROJECT2-SERVERFARM-STICKY

class PROJECT3-HOST-HEADER-CLASS

sticky-serverfarm PROJECT3-SERVERFARM-STICKY

class PROJECT4-HOST-HEADER-CLASS

sticky-serverfarm PROJECT4-SERVERFARM-STICKY

class PROJECT5-HOST-HEADER-CLASS

sticky-serverfarm PROJECT5-SERVERFARM-STICKY

class PROJECT6-HOST-HEADER-CLASS

sticky-serverfarm PROJECT6-SERVERFARM-STICKY

class class-default

drop

ACE1/PROJECT-CONTEXT# conf t

ACE1/PROJECT-CONTEXT(config)# policy-map type loadbalance first-match PROJECT-NONPROD-LOADBALANCE-POLICY

ACE1/PROJECT-CONTEXT(config-pmap-lb)# class PROJECT7-HOST-HEADER-CLASS

ACE1/PROJECT-CONTEXT(config-pmap-lb-c)# sticky-serverfarm PROJECT7-SERVERFARM-STICKY

Error: Maximum 10 http header map is allowed per policy

ACE1/PROJECT-CONTEXT(config-pmap-lb-c)# serverfarm PROJECT7-SERVERFARM

ACE1/PROJECT-CONTEXT(config-pmap-lb-c)#

As you can se above I am allowed to add another non-sticky serverfarm, but not a sticky which is what I would like to do.

I searched for the error and came up with bug CSCsr28182, but that does not really seem to apply in my case since I do not have 10 http header map statements.

Does anyone have any idea why I get this error message?

We are running version A3(2.3).

Best regards,

Harry

Gilles Dufour · ‎09-21-2009

Actually it is not just header-map.

It is 10 regular expression.

Each header-map consume 1 regexp.

Each sticky cookie consume also 1 regexp.

So, you have hit the limit.

Try to combine header-maps.

Gilles.

net-harry · ‎09-22-2009

Hi again,

Thanks for the answer!

I still do not quite understand how it works with the limit of 10 regular expressions.

In my configuration I have 7 header maps and I am allowed to enter 6 sticky maps, but not 7. It seems in that case like 13 regexs are allowed, but not 14?

Are there any plans for increasing the number of allowed regular expressions in future releases?

Best regards,

Harry

Gilles Dufour · ‎09-22-2009

I was able to install your config on my device running A3(2.2).

switch/Ispace(config-pmap-lb-c)# do sho run policy-map | be PROJECT-NONPROD-LOADBALANCE-POLICY

Generating configuration....

policy-map type loadbalance first-match PROJECT-NONPROD-LOADBALANCE-POLICY

class PROJECT1-HOST-HEADER-CLASS

sticky-serverfarm PROJECT1-SERVERFARM-STICKY

class PROJECT2-HOST-HEADER-CLASS

sticky-serverfarm PROJECT2-SERVERFARM-STICKY

class PROJECT3-HOST-HEADER-CLASS

sticky-serverfarm PROJECT3-SERVERFARM-STICKY

class PROJECT4-HOST-HEADER-CLASS

sticky-serverfarm PROJECT4-SERVERFARM-STICKY

class PROJECT5-HOST-HEADER-CLASS

sticky-serverfarm PROJECT5-SERVERFARM-STICKY

class PROJECT6-HOST-HEADER-CLASS

sticky-serverfarm PROJECT6-SERVERFARM-STICKY

class PROJECT7-HOST-HEADER-CLASS

sticky-serverfarm PROJECT7-SERVERFARM-STICKY

class class-default

drop

You should probably open a service request so we can look at the complete config.

Gilles.