ACE module client connecting to several realservers while stickyness enabled
I have the following issue with an ACE Module configured for source-destination IP stickyness ("both" keyword).
The client is accessing a web service through a configured VIP. No proxy is used so each individual client IP address is used to establish the connection.
In some cases the client gets connected to the server, when trying to retrieve the information needed he gets blank information from the corporate web page. When this happens the following connections to the realservers are present:
ACE01/WEB# sh conn rserver SERVER1 | include 172.16.88.62 ACE01/WEB# sh conn rserver SERVER2 | include 172.16.88.62 3650 1 in TCP 70 172.16.88.62:3775 172.16.240.25:80 ESTAB ACE01/WEB# sh conn rserver SERVER-3 | include 172.16.88.62 1356 1 in TCP 70 172.16.88.62:3778 172.16.240.25:80 ESTAB 4237 1 in TCP 70 172.16.88.62:3780 172.16.240.25:80 ESTAB 4823 2 in TCP 70 172.16.88.62:3777 172.16.240.25:80 ESTAB
As far as I know, stickyness means that one client should be hitting the same realserver while his connections are active.
The following configuration is been used:
rserver host SERVER1 ip address x.x.x.4 inservice rserver host SERVER2 ip address x.x.x.5 inservice rserver host SERVER3 ip address x.x.x.6 inservice serverfarm host SERVER rserver SERVER1 inservice rserver SERVER2 inservice rserver SERVER3 inservice sticky ip-netmask 255.255.255.0 address both SERVER replicate sticky serverfarm SERVER policy-map type loadbalance http first-match SERVER class class-default sticky-serverfarm SERVER insert-http x-forward header-value "%is" class L4VIPCLASS6 loadbalance vip inservice loadbalance policy SERVER loadbalance vip icmp-reply active loadbalance vip advertise active nat dynamic Y vlan ZZ
Important to mention that this is a random behaviour.
ACE0# sh conn rserver SERVER1 | include 172.16.88.66 72 1 in TCP 70 172.16.88.66:1520 172.16.240.25:80 ESTAB ACE0# sh conn rserver SERVER2 | include 172.16.88.66 4289 1 in TCP 70 172.16.88.66:1522 172.16.240.25:80 ESTAB 1565 2 in TCP 70 172.16.88.66:1523 172.16.240.25:80 ESTAB ACE0# sh conn rserver SERVER3 | include 172.16.88.66 1557 2 in TCP 70 172.16.88.66:1525 172.16.240.25:80 ESTAB
I believe that means something is wrong with stickyness for group SERVER because I'm using the same configuration for groups IPRIS & WEBINT, the same client is connected only to one realserver for those groups.
Regarding the "show resource usage" command output could it be a matter of resources exhausted for stickyness? Current value equals peak value, how could I change this values?
VMware Trunk Port Group is supported from ACI version 2.1
VMM integration must be configured properly
ASA device package must be uploaded to APIC
ASAv version must be compatible with ACI and device package version
In the Previous articles of ACI Automation, we are using Postman/Newman as the Rest API tool to automate the ACI Configuration.
In this article I’m going to discuss on usin...
One of the first steps in building your ACI Fabric is to go through Fabric Discovery. While Fabric Discovery is usually a straightforward process, there are various issues that may prevent you from discovering an ACI switch. This article wil...