cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
504
Views
2
Helpful
7
Replies

Direct Server Return Issue

cheeseng
Level 1
Level 1

Hi,

Facing some problem with DSR configuration hope somebody can help. Below is the config,

vlan 711 client

ip address 172.18.164.250 255.255.255.0

gateway 172.18.164.1

alias 172.18.164.249 255.255.255.255

vlan 706 server

ip address 137.132.15.179 255.255.255.0

alias 137.132.15.176 255.255.255.255

real NETWORK1

address 137.132.15.188

inservice

real NETWORK2

address 137.132.15.189

inservice

serverfarm NETWORK_FARM

no nat server

no nat client

real name NETWORK1

inservice

real name NETWORK2

inservice

vserver NETWORK

virtual 137.132.21.57 tcp www

unidirectional

serverfarm NETWORK_FARM

advertise active

idle 4

replicate csrp connection

no persistent rebalance

inservice

I have verify that the server and csm are layer 2 adjacent. Furthermore have capture and analyse a trace and found out that the CSM is resetting my connection. However I cannot find out the reason for being so. Could it be a config issue. Pls advise. Thanks

7 Replies 7

Gilles Dufour
Cisco Employee
Cisco Employee

I think the problem is ' idle 4'.

Since the CSM only see half of the connection, it means if the client does not transmit anything for 4 sec the CSM will disconnect client and server.

Could you try to increase this idle timeout to 60 and see if this improves.

Thanks.

Gilles.

Thanks for rating this answer.

Hi Gilles,

Sorrry, I'm afraid I have phrase the question incorrectly.

What is happening now currently, is that my DSR configuration is not working at all.

The client is not getting a reply at all from the server.

My sniffer trace show that the CSM is resetting the connection thus request from the client is not being forwarded to the server at all. But I could not find anything wrong with the config. Pls advise. Thanks

can we get a 'sho mod csm x vserver' and 'sho mod csm x real' and if possible your sniffer trace.

Thanks,

Gilles.

NETWORK SLB TCP 137.132.21.57/32:80 711 OPERATIONAL 0

NETWORK_HTTPS SLB TCP 137.132.21.57/32:443 ALL OPERATIONAL 0

NETWORK1 NETWORK_FARM 8 OUTOFSERVICE 0

NETWORK2 NETWORK_FARM 8 OPERATIONAL 0

Above are the results of the show command.

As for the trace can i sent it to your e-mail instead. Thanks

you can send me the info to gdufour@cisco.com

Also, did you verify traffic is coming in on port 711 ?

Do you have Faul Tolerance and if yes, is this CSM active ?

Thanks,

Gilles.

Hi Gilles,

I have verify from the trace that the traffic did indeed reach my VLan 711.

Yes the CSM is configure in FT mode and the CSM is that I'm configuring is the Active module.

I have sent you the trace via e-mail. Please kindly take a look. Thanks for the help.

The RESET comes after 4 sec.

So it is due to idle timeout.

Seems like the CSM has forwarded the SYN to the server but no response is coming back.

Verify the server routing table and make sure it is configured to accept connection to ip 137.132.21.57.

You may need to configure a loopback address with this ip.

Regards,

Gilles.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: