Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

issues with arrowpoint-cookie sticky

I am wondering if it is necessary to use `url "/*"' in a content rule using arrowpoint-cookie. I have been using arrowpoint-cookie for years and have never used the url command unless I needed a specific layer 5 feature like header field rule.

Recently I have been having issues with stickiness where once or twice per day a session is directed to the wrong server in the rule and someone mentioned that I need the `url "/*"' line. Could you guys confirm?

Here is what my rule looks like. I was wondering too if perhaps the string configured on the service is too short and may be causing issues from time to time because I have a rule with services using the default string (server ip) and that seems to be fine...

service web1-80

ip address 10.0.0.1

port 80

protocol tcp

keepalive type tcp

keepalive port 80

keepalive frequency 60

string 111pro111

redundant-index 664

active

service web2-80

ip address 10.0.0.2

port 80

protocol tcp

keepalive type tcp

keepalive port 80

keepalive frequency 60

string 222pro2222

redundant-index 665

active

service web3-80

ip address 10.0.0.3

port 80

protocol tcp

keepalive type tcp

keepalive port 80

keepalive frequency 60

string 333pro3333

redundant-index 666

active

[...]

content web-80

protocol tcp

vip address 192.168.1.1

port 80

redundant-index 10641

advanced-balance arrowpoint-cookie

add service web1-80

add service web2-80

add service web3-80

add service web4-80

add service web5-80

add service web6-80

add service web7-80

add service web8-80

add service web9-80

active

Thanks

1 REPLY
Cisco Employee

Re: issues with arrowpoint-cookie sticky

I always configure the url when using arrowpoint-cookies because this feature is an L5 feature. The CSS needs to spoof the connection between client and server.

However, if it was mandatory, nothing would work as it is. Not just a few connection failures.

Your problem is most probably due to idle timeout. If the CSS detected the connection was idle, it will stop looking for new cookies in the connection, so no remapping is possible.

Use the flow-timeout-multiplier command to increase the idle timeout ie: by 25 and see if that improves the situation.

Gilles.

126
Views
0
Helpful
1
Replies