Cisco Support
English
Feedback Help
Cisco Support Community
Register
cancel
turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
moorthy1977
moorthy1977
Community Member
‎02-14-2006 03:09 AM
‎02-14-2006 03:09 AM

user restrication on load balance VIP

we need to implement below requirement can any one suggest how to imlement it

1.Sticky command

Once a connection is opened to a physical server, any requests coming from a particular client always go to that server, until either the timeout is reached or the user session is terminated

2.Client-assigned load balancing

All requests coming from a specific client always go to the same physical server. This is done through recognition of the client’s IP address.

3.User session restrictions

User name / IP session restriction based on parameter values(ie only 1 user can login at a time).

Please find the below config

service test1

ip address 10.8.1.25

protocol tcp

keepalive type http

keepalive port 80

active

service test2

ip address 10.8.1.26

protocol tcp

keepalive type http

keepalive port 80

active

content DSS-R1

protocol tcp

vip address 10.8.1.1

port 80

advanced-balance sticky-srcip-dstport

add service test1

add service test2

active

please suggest me how to implement all three points whereas point 3 is very crucial & urgent.

0 Helpful
Reply
2 REPLIES
Gilles Dufour
Gilles Dufour Cisco Employee
Cisco Employee
‎02-14-2006 04:52 AM
‎02-14-2006 04:52 AM

Re: user restrication on load balance VIP

1/ is done with the advanced-balance command.

I would suggest to replace the current one with 'advanced-balance sticky-srcip' since the destination port is always 80 [per config].

2/ you can force a client to go to a particular server with an acl and the prefer option.

ie:

acl 1

clause 10 permit tcp x.x.x.x destination content owener/DSS-R1 prefer test1

clause 99 permit any any destination any

apply all

acl enable

3/ we will need more details.

Not much can be done so, because the CSS only counts active connections.

So, you can restrict 1 user at a time with the command 'maxconn 1' but I'm not sure if it will help.

You should test it first and see if it does what you need.

Regards,

Gilles.

0 Helpful
Reply
moorthy1977
moorthy1977
Community Member
‎02-15-2006 02:47 AM
‎02-15-2006 02:47 AM

Re: user restrication on load balance VIP

Thanks for your help.

1. I will implement it.

2.I need more info how to configure it practically on switch

3. I checked on css 11503,If i give command on service " max connection (Integer value(Range: 6-65534) ,which may be no of connection on css 11503.

Please suggest.

Regards,

Moorthy

0 Helpful
Reply
Latest Documents
ACI object moquery Cheat Sheet
Created by lindawa on 04-17-2018 09:15 PM
0
10
0
10
 Moquery is the command line cousin of Vizore, it's very helpful and efficient sometimes during the troubleshooting. This article aims to provide moquery cheat sheet to the users for some most common seen scenarios.   moquery usage &n... view more
ACI TS checklist ready before opening TAC case
Created by lindawa on 04-15-2018 06:40 PM
0
0
0
0
Here is the checklist before customers/partners contact Cisco TAC:   Firmware Version of APIC and Switch Hardware Model Download Switch and APIC techsupport logs Problem description (Symptoms with details) Business impact (eg, what kind of services... view more
ACI: Common migration issue / VMM vSwitch policy missing
Created by Abey K. George on 04-08-2018 05:09 PM
0
10
0
10
moquery usageAPIC moquerySwitchmoquery Document Objective This document discuss a common issue observed during the VMM integration & VM workload migration to ACI fabric.  Problem Description VMware Virtual machines are hosted in Cisco UCS-B seri... view more
All Documents
246
Views
0
Helpful
2
Replies
CreatePlease to create content
Discussion
Blog
Document
Video
Popular Blogs
Datacenter STP Considerations on Nexus Switches
Created by Sandeep Singh on 01-30-2015 05:29 AM
3
20
3
20
Chalk Talk: FabricPath, TRILL & VXLAN
Created by Julie Burruss on 01-17-2014 11:19 AM
2
15
2
15
Chalk Talk: Ten Things That Make NX-OS Awesome!
Created by Julie Burruss on 04-17-2013 11:53 AM
1
10
1
10
All Blogs