ACE dropping POSTS but not GETS after upgrade

luckymike33 · ‎03-09-2016

Hi,

I have recently upgraded our ACE30 blades from 2.1 to 3.3, and have seen that there are a large number of dropped connections for one particular site starting at the same time I moved over to the upgraded ACE. This is out of about 10 or sites.

The failing traffic is largely an external monitoring company trying to send an HTTP post through the ACE, and this keeps failing. When they change their monitoring probe to a GET, it apparently starts working...

I can post show service-policy detail, or anything else for that matter, if anyone would be able to help?

If anyone would be able to make any suggestions that would be a massive help.

Best wishes

Mike

Aleksey Pan · ‎03-11-2016

Hi Mike,

The only correlation with changing the probe fixed the issue is that before, the probe was failing and the serverfarm was getting down and VIP getting out-of service, unless there is sticky configured to the specific rserver. This is only the reason I can see, that can be addressed, that probe was changed.

When you seeing the issue like this, better to have the "show conn det " output and the backplane packet capture, to see where it is failing, if the rest all good ( rserver/serverfarm/VIP are UP)

luckymike33 · ‎04-18-2016

Hi,

After a few hours troubleshooting, we realized it was because this image enforces the rfc 2396, and our webpage testers were using illegal characters, specifically the '+' symbol, and the '^' symbol. The ACE was filtering these out causing the request to fail. After we got out 3rd party monitoring to use only legal characters in the GET request, all worked properly again.

Thanks for looking at this.

Best wishes

Mike