Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3140
Views
4
Helpful
2
Replies

ACE Sticky Connections, Show Conn Output and Show serverfarm

Plinio Brandao
Level 1
Level 1

‎03-24-2012 08:00 PM

Hi Community,

I'm deploying a Cisco ACE module and I have some questions about sticky connections and about the output of the show conn command and show serverfarm command.

I have the follwoing configuration:

rserver host srv_1
  ip address 10.4.11.14
  inservice
rserver host srv_2
  ip address 10.4.11.18
  inservice
serverfarm host farm_144
  rserver srv_1 144
    weight 1
    inservice
  rserver srv_2 144
    weight 3
    inservice


sticky ip-netmask 255.255.255.255 address source st_host144


  timeout 10080


  serverfarm farm_144


class-map match-all vip_144


  2 match virtual-address 10.4.11.208 tcp eq 143


policy-map type loadbalance first-match lb_144


  class class-default


policy-map multi-match policy_vip_webcache


  class vip_webcache_144


    loadbalance vip inservice


    loadbalance policy lb_144


    loadbalance vip icmp-reply active


    nat dynamic 411 vlan 411

We can assume that service policy was applied at the interface vlan. So, let's go to the questions:

1- If sticky is enabled the output command "show conn" should show just one entry by ip address?

The real output is:

DC01-ACE-01-PRIMARY-SW1/context_servidores# show conn | inc :143
333046     1  in  TCP   411  10.2.158.87:3616      10.4.11.208:143       ESTAB 
286390     3  in  TCP   411  10.2.158.87:3562      10.4.11.208:143       ESTAB
310233     1  in  TCP   411  10.1.5.87:3424        10.4.11.208:143       ESTAB

Look that the ip address 10.2.158.87 is shown 2 times. In same times, the same ip address is shown 4 times to the same VIP and the same port. Is it a normal behavior?

2- According to the configuration, the srv_2 has weight 3 and srv_1 has weigth 1, but the output of show serverfarm show somethin strange:

DC01-ACE-01-PRIMARY-SW1/context_servidores# show serverfarm farm_144
 serverfarm     : farm_144, type: HOST
 total rservers : 2
 state          : ACTIVE
 DWS state      : DISABLED
 ---------------------------------
                                                ----------connections-----------
       real                  weight state        current    total      failures 
   ---+---------------------+------+------------+----------+----------+---------
   rserver: srv_1
       10.4.11.14:144        1   OPERATIONAL     11         386        0
   rserver: srv_2
       10.4.11.18:144        3   OPERATIONAL     35         66         0

We can see that the weight is working good, but the total of connections is higher at srv_1 than srv_2. Why?

Somebody can help me to understand better this problem of if its a normal behavior?

Thanks in advance!!

Labels:
0 Helpful
2 Replies 2

gaursin2
Level 1
Level 1

‎03-29-2012 06:43 PM

Hi

Answer to your first q? will be that "show conn" for a L4 policy map will show every connection with different "SIP,SPORT,DIP and DPORT". So if any variable i amobg four change it will  be a new connection (despite of source sticky). in your case I can see the SPORT for two connection of 10.2.158.87 is different. So although because of SOURCE STICKY they will hit same rserver but conection will be two.

Regarding second q? i can see there is server1 is showing a lot more connection than server2 despite weight of server2 is triple to that of server1. but again you are using SOURCE STICKY, so there might be a possibillity that source IP's stick with server1 opens a lot more conection than comapre to IP's bind with server2. Weight will come in picture for every new connection from every new IP (which has not binded to sticky).

hope it resolves your query.....

Plinio Brandao
Level 1
Level 1
In response to gaursin2

‎03-30-2012 07:54 AM

Hi Gaurav,

About question 1, I got some informations too. It's perfectly normal the client open 2 or more connections at the same time. The client's application is the responsable. We removed the ACE and put the client directly to the server and the result of the total connections opened was the same.

About question 2, I made some "clears" on the serverfarm, the sticky database and after that, the numbers were more real.

DC01-ACE-02-SECONDARY-SW1/context_servidores# sh serverfarm farm_webcache_144 






 serverfarm     : farm_webcache_144, type: HOST


 total rservers : 2


 state          : ACTIVE


 DWS state      : DISABLED


 ---------------------------------


                                                ----------connections-----------


       real                  weight state        current    total      failures 


   ---+---------------------+------+------------+----------+----------+---------


   rserver: srv_webcache_1


       10.4.11.14:144        1   OPERATIONAL     1025       15499      4436


   rserver: srv_webcache_2


       10.4.11.18:144        2   OPERATIONAL     1794       33471      471






DC01-ACE-02-SECONDARY-SW1/context_servidores#

Anyway thank you very much for your feedback.

Plínio Monteiro

0 Helpful
Customers Also Viewed These Support Documents