cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1064
Views
0
Helpful
2
Replies
Highlighted
Beginner

ACE sending resets

I have an ACE context sending TCP resets.  The configuration is the same as another ACE in a different data center, and in the other data center it is working.  I'm doing end-to-end SSL (SSL termination and initiation), and PCAP traces show the ACE sending the reset both to client and server.  "show stats loadbalance" shows layer 7 rejections, but the layer 7 policy being matched is 'match http url .*'.  Any ideas would be welcome.

Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Enthusiast

ACE sending resets

Hi There,

In case everything looks good on the captures, meaning the SSL handshake and all that then perhaps you may consider to take a look of this bug and perhaps apply the workaround:

CSCtx92484

—During a Layer 7 file transfer is terminated after transferring approximately 16 kB of data. Workaround: Configure an HTTP parameter map and set the content-maxparse-length and header-maxparse-length to larger values. For example:

parameter-map type http PM-HTTP

  persistence-rebalance

  set header-maxparse-length 65535

  set content-maxparse-length 65535

Hope this helps

Jorge

View solution in original post

2 REPLIES 2
Highlighted
Beginner

ACE sending resets

Typically we would see L7 rejections when the server rejects the request.  Do you see the ssl handshake to the backend complete successfully?  If there is any issue the with the handshake then we would expect to see l7 rejections.

Highlighted
Enthusiast

ACE sending resets

Hi There,

In case everything looks good on the captures, meaning the SSL handshake and all that then perhaps you may consider to take a look of this bug and perhaps apply the workaround:

CSCtx92484

—During a Layer 7 file transfer is terminated after transferring approximately 16 kB of data. Workaround: Configure an HTTP parameter map and set the content-maxparse-length and header-maxparse-length to larger values. For example:

parameter-map type http PM-HTTP

  persistence-rebalance

  set header-maxparse-length 65535

  set content-maxparse-length 65535

Hope this helps

Jorge

View solution in original post

CreatePlease to create content
Content for Community-Ad

Cisco COVID-19 Survey

This widget could not be displayed.