Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

ACE: What is the mask signifies: sticky ip-netmask 255.255.255.0

I'm after explanation of what exactly the mask signifies below, and does it limit the number of connections allowed?

sticky ip-netmask 255.255.255.0 address source Group1

1 ACCEPTED SOLUTION

Accepted Solutions
Silver

Re: ACE: What is the mask signifies: sticky ip-netmask 255.255.2

Hi,

imagine you have 2 servers in your serverfarm and source stickieness is configured like in your example.

3 clients connect to the VIP.

Client A - 192.168.0.5

Client B - 192.168.1.20

Client C - 192.168.0.99

Now, client A is the first to connect to the VIP. The ACE sees it should perform stickiness for that VIP, and checks its Sticky database, but doesn't find an entry for client A. It loadbalances via the default algorithm and finds that client A should connect to server 2, and creates an entry in its sticky table:

192.168.0.0/24 -> server 2

Client B connects, same story... is loadbalanced to server 1 and entry is created:

192.168.1.0/24 -> server 1

Then, client C comes. ACE checks his sticky table and sees an entry exists that matches client C:

192.168.0.0/24 -> server 2

Client C is then loadbalanced to server 2.

To make a long story short :)

the ip-netmask will create sticky entries in the sticky table, using the source address of the client, but ONLY for the part matching the ip-netmask.

if the ip-netmask would have been 255.255.255.255 in our previous example, all 3 clients would have been load-balanced differently, and 3 different entries would have been created in the sticky table.

if the ip-netmask would have been 255.255.0.0 in our previous example, all 3 clients would have been load-balanced identically, and only 1 entrie would have been created in the sticky table.

If this was helpful, please rate.

Kind regards,

Dario

3 REPLIES
Silver

Re: ACE: What is the mask signifies: sticky ip-netmask 255.255.2

Hi,

imagine you have 2 servers in your serverfarm and source stickieness is configured like in your example.

3 clients connect to the VIP.

Client A - 192.168.0.5

Client B - 192.168.1.20

Client C - 192.168.0.99

Now, client A is the first to connect to the VIP. The ACE sees it should perform stickiness for that VIP, and checks its Sticky database, but doesn't find an entry for client A. It loadbalances via the default algorithm and finds that client A should connect to server 2, and creates an entry in its sticky table:

192.168.0.0/24 -> server 2

Client B connects, same story... is loadbalanced to server 1 and entry is created:

192.168.1.0/24 -> server 1

Then, client C comes. ACE checks his sticky table and sees an entry exists that matches client C:

192.168.0.0/24 -> server 2

Client C is then loadbalanced to server 2.

To make a long story short :)

the ip-netmask will create sticky entries in the sticky table, using the source address of the client, but ONLY for the part matching the ip-netmask.

if the ip-netmask would have been 255.255.255.255 in our previous example, all 3 clients would have been load-balanced differently, and 3 different entries would have been created in the sticky table.

if the ip-netmask would have been 255.255.0.0 in our previous example, all 3 clients would have been load-balanced identically, and only 1 entrie would have been created in the sticky table.

If this was helpful, please rate.

Kind regards,

Dario

Community Member

Re: ACE: What is the mask signifies: sticky ip-netmask 255.255.2

Thanks Dario.

Special thanks to DiData too, as otherwise I would have raised a problem (with Colin Barber)!!!

Now what is the best mask if the clients are all (90%) from one ISP, say, class A in one instance and Clacc C in another?

Silver

Re: ACE: What is the mask signifies: sticky ip-netmask 255.255.2

Hi,

I would suggest to use a /32 mask, that way all clients are be unique. The only problem is when a mega-proxy is used. Then all clients (or alot) arrive at the ACE with the same source address. If this is the case, IP stickiness is not the way to go. You should (in case of HTTP traffic) use cookies or HTTP header stickiness.

For more info, take a look at following document: http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA3_1_0/configuration/slb/guide/sticky.html

HTH,

Dario

1978
Views
5
Helpful
3
Replies
CreatePlease to create content