Re: ACE cookie stickiness issue

sachin_mon · ‎11-13-2008

Hi,

We are having ACE as the load balancer

Software running on ACE

loader: Version 12.2[121]

system: Version A2(1.1a) [build 3.0(0)A2(1.1a) adbuild_22:19:41-2008/07/21_

/auto/adbu-rel3/rel_a2_1_1_throttle/REL_3_0_0_A2_1_1A]

system image file: [LCP] disk0:c6ace-t1k9-mz.A2_1_1a.bin

We have 2 webservers (load balanced) & 2 application servers(load balanced).Cookie based stickiness is currently used on Web & Application servers.

Ideal scenario:

1.Client opens the url http://...There is always a dual session whenever the client opens the url.One is for Java & the other for html.

2.Client--->Webserver1

3.Webserver1---->APP1

Most of the times when the client types the url, the dual sessions goes to one Webserver as per round robin (eg web server 1) & the webserver 1 communicates with Application server as per round robin (eg.application server 1).

Problem:

Now at times when the client types the url, the dual sessions gets split which means one session goes to one webserver & the other session goes to second webserver.Ideally it should not as per the application demands.

When this happens, both the webservers communicates with both the application servers.Here is where the problem happens.The client is asked for the login page again which indicates that the client has went to the second application server for the login.

What ideally should happen is the client should stick to the same application server depending up the sticky timeout.

Foll. is the output of show conns when prob occurs:

Primary-ACE/DMZ2# sh conn serverfarm SF-8888

conn-id np dir proto vlan source destination state

----------+--+---+-----+----+---------------------+---------------------+------+

1321 1 in TCP 2504 172.21.46.34:2037 172.24.51.200:8888 ESTAB

1255 1 out TCP 2704 172.24.51.33:8888 172.21.46.34:2037 ESTAB

1108 2 in TCP 2504 172.21.46.34:2036 172.24.51.200:8888 ESTAB

1144 2 out TCP 2704 172.24.51.32:8888 172.21.46.34:2036 ESTAB

Primary-ACE/APP# sh conn serverfarm SF-8888

conn-id np dir proto vlan source destination state

----------+--+---+-----+----+---------------------+---------------------+------+

959 2 in TCP 2507 172.24.51.32:58306 172.24.54.200:8888 ESTAB

115 2 out TCP 2707 172.24.54.32:8888 172.24.51.32:58306 ESTAB

651 2 in TCP 2507 172.24.51.33:51030 172.24.54.200:8888 ESTAB

901 2 out TCP 2707 172.24.54.33:8888 172.24.51.33:51030 ESTAB

------------------------------------

I have attached the configs.

The web server we are testing is 172.24.51.32 & 33 - port 8888

Application servers - 172.24.54.32 & 33-port 8888

Rgds./Sachin

Gilles Dufour · ‎11-13-2008

You have split the APPS and WEB between different contexts.

This is your problem.

The context are independent and do not share the sticky info.

So, to make it simple, merge the 2 contexts into a single one and everyting should be ok.

If this is really really really really important to use virtualization, you could use cookie insert on the WEB context and then reuse the same cookie name on the app context with static entries pointing the cookie_inserted value from web to the same server in app.

Tricky, but it will work.

Gilles.

sachin_mon · ‎11-13-2008

Thanks Gilles for prompt response.

As per the design we have to use two contexts.

Do you have any template for cookie insert which I can use for Web & App load balancer..?

Rgds./Sachin

Syed Iftekhar Ahmed · ‎11-13-2008

Sachin~

What is exactly your flow?

Is client hitting the Webserver farm (in web server context) and then Web servers hitting the APPs Servers in the APPS server context?

If thats the case (only Web servers are App server clients and client is not hitting application serverfarm ) then you can use source ip based sticky in APP server farm which will ensure that one web server sticks to a particular APP server and it never changes the APP server.

Following example will insert cookie named "Mycookie" in the server responses from APP1 rservers to the client

rserver host App1-Srvr1

ip address 192.168.1.1

inservice

rserver host App1-Srvr2

ip address 192.168.1.2

inservice

serverfarm host APP1-SFARM

rserver App1-Srvr1

inservice

rserver App1-Srvr2

inservice

class-map match-any APP1-VIP

2 match virtual-address 10.10.10.1 tcp eq www

sticky http-cookie MYcookie App1-sticky

cookie insert

timeout 720

replicate sticky

serverfarm App1-Sfarm

policy-map type loadbalance first-match APP1-POLICY

class class-default

sticky-serverfarm App1-sticky

policy-map multi-match VIPS

class VIP-P80

loadbalance vip inservice

loadbalance policy APP1-POLICY

loadbalance vip icmp-reply active

HTH

Syed Iftekhar Ahmed

sachin_mon · ‎11-17-2008

Thanks Syed for the response.

The traffic flow is only Web servers are App server clients and client is not hitting application serverfarm.

The clients are hitting the Web servers.The application servers support set cookie, so do we really need cookie insert..?

Rgds./Sachin

sachin_mon · ‎11-19-2008

Hello Syed,

When we use IP based in the APP zone, the problem is when we have one web server down,Web server 2 will always stick to one application server & that way we won't be able to acheive load balancing in the APP zone.

Is there any workaround for our scenario..?