We have a ACE 4710 balancing traffic for servers. One of the use case is, two servers, server1 is the primary and server2 is its backup. We also use sticky table based on source IP. Here is our configuration sample.
So, normally, server1 is in operational and server2 is in standby. When server1 is failed, server2 goes to operational state and connections go to server2. So far everything is running fine.
When server1 back to service, Server1 is back to Operational state and server2 back to standby again. Now, here comes the question. when a new connection comes in, I am expecting it is being directed to server1. However, because in the sticky table it has entry to point to server2, the conn is still sent to server2. I can see a new conn being establised to server2 from the show conn command.
Shouldn't the ACE check the server in operational state first, and then search sticky table according to the server status? Is there any commond I missed?
That is the expected behavior. New connection which don't match the sticky entries would be sent to the server1 but the connections which does match will stick to server 2. Otherwise it would break the persistence. Below is applying the command to primary server but behavior should remain same in your case as well.
The inservice standby command instructs the ACE to do the following:
•Tear down existing non-TCP connections to the server
•Allow current TCP connections to complete
•Allow new sticky connections for existing server connections that match entries in the sticky database
•Load balance all new connections (other than the matching sticky connections mentioned above) to the other servers in the server farm
•Eventually take the server out of serviceThe inservice standby command instructs the ACE to do the following:
Topology & Design:
Two ACI fabrics
Stretching VLANs using OTV
Both fabrics are advertising BD subnets into same routing domain
Some BDs(or say VLANs) are stretched, but some are not.
Endpoints can move betwee...
VMware Trunk Port Group is supported from ACI version 2.1
VMM integration must be configured properly
ASA device package must be uploaded to APIC
ASAv version must be compatible with ACI and device package version
Topology &Design:Traffic flow within same fabric:Endpoint moves to Fabric-2Bounce Entry Times OutTraffic Black-holedSummarySolutionAppendix:
In the Previous articles of ACI Automation, we are using Postman/Newman a...