Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

CSS not passing Traffic anymore

Hello,

We have CSS11503 in a box to box redundancy configuration setup and it has been working for a while without any issues. We recently changed the servers in our test web farm and from then on we are not able bring them online through the VIP address. State shows that they are down even when the servers are up and running.Below is the current config on the CSS

!Active version: sg0730005

configure

!*************************** GLOBAL ***************************

ip redundancy

app

app session 172.16.30.2

ip route 0.0.0.0 0.0.0.0 172.94.23.65 1

!************************* INTERFACE *************************

interface 1/1

bridge vlan 162

interface 1/2

bridge vlan 163

interface 2/1

bridge vlan 162

admin-shutdown

interface 2/2

bridge vlan 163

admin-shutdown

interface 2/4

admin-shutdown

interface 2/8

bridge vlan 167

!************************** CIRCUIT **************************

circuit VLAN162

redundancy

ip address 172.94.x.66 255.255.255.224

circuit VLAN163

redundancy

ip address 172.94.x.145 255.255.255.240

circuit VLAN167

ip address 172.x.30.1 255.255.255.0

redundancy-protocol

!************************** SERVICE **************************

service server4519

ip address 172.x.23.153

active

service server4525

ip address 172.x.23.152

active

service server6349

ip address 172.x.23.146

active

service server6350

ip address 172.x.23.147

active

service server6351

ip address 172.x.23.151

active

service server6352

ip address 172.x.23.149

active

!*************************** OWNER ***************************

owner prod

content web-servers

vip address 172.x.23.81

port 443

protocol tcp

balance aca

add service server6352

add service server6351

add service server6350

add service server6349

active

owner testweb

content net-websrvs

vip address 172.x.23.84

balance leastconn

add service server4525

protocol tcp

port 443

url "/*.aspx"

active

content test-websrvs

protocol tcp

port 443

add service server4519

vip address 172.x.23.84

balance leastconn

active

Appreciate your valuble inputs on this issue.

Thanks in Advance

4 REPLIES
New Member

Re: CSS not passing Traffic anymore

The servers have no keepalive so there should be no issue with the CSS seeing them as down. Only thing I can think off if you can't get to them via the VIP is you maybe need to point the servers default gateway to the CSS circuit address ?

You are not (apparently) doing any source NATting so perhaps the route to the client IP is to a router first. Then you may get a assymetric router.

cheers,

Mike

New Member

Re: CSS not passing Traffic anymore

Servers default gateway is pointed to CSS circuit address and I can see traffic going through the CSS when I access the server directly. I can ping the servers from CSS and also from the servers to CSS but still it shows as down

New Member

Re: CSS not passing Traffic anymore

I could bring the servers online by setting the keepalives to none.

Thanks for the help

Cisco Employee

Re: CSS not passing Traffic anymore

you should move away from 7.30(0.5)

What you have seen is probably due to a known defect [sorr don't habe the number].

I would recommend the latest 8.10 image.

Gilles.

133
Views
0
Helpful
4
Replies
CreatePlease login to create content