Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2085
Views
0
Helpful
17
Replies

ACE Stickiness Question

netternewbie
Level 1
Level 1

‎10-22-2012 08:51 AM

Hi Folks,

First of all I am new the job and have very little ACE expierence. I work on a large campus. We have to 6513's with an ACE blade in each. A few contexts configured for different applications. Basically the server guys have come to me and asked me to enabled stickiness on one of there contexts.

Now I am sure this is basic stuff to ye guys but I am just wondering what I need to do? Can I implement this on the fly without causing an outage? I have cut and paste  the relevant context below. And added the changes I think that need to be made. Do you guys think this will work and will it cause any outage?

I appreciate any help at all guys:

Here is current config:

probe tcp APPS-PROBE

port 8080

interval 3

passdetect interval 5

parameter-map type ssl SSL-APPS-ADVANCED

cipher RSA_WITH_RC4_128_MD5

rserver host SERVER1

ip address 10.10.10.1

inservice

rserver host SERVER2

ip address 10.10.10.2

inservice

ssl-proxy service SSL-APPS-PROXY

key appfiles.pem

cert appfilesCAcert

chaingroup APPFILES-CHAINGRP

ssl advanced-options SSL-APPS-ADVANCED

serverfarm host APPS-FARM

predictor leastconns

probe APPS-PROBE

rserver SERVER1 8080

inservice

rserver SERVER2 8080

inservice

class-map match-any APPS-VIP

2 match virtual-address 10.10.10.4 tcp eq https

policy-map type management first-match MGT-POLICY

class class-default

policy-map type loadbalance first-match APPS-POLICY

class class-default

serverfarm APPS-FARM

policy-map multi-match APPSPOLICY

class APPS-VIP

loadbalance vip inservice

loadbalance policy APPS-POLICY

loadbalance vip icmp-reply active

ssl-proxy server SSL-APPS-PROXY

service-policy input APPSPOLICY

Will adding the following to the context make stickiness work?

sticky ip-netmask 255.255.255.255 address source STICKY-APPS-FARM

timeout 720

timeout activeconns

replicate sticky

serverfarm APPS-FARM

policy-may type loadbalance first-match APPS-POLICY

class class-default

sticky-serverfarm STICKY-APPS-FARM

I am really lost on this and only getting this from looking at stickiness on other configs. Can you guys advise will this work.

Labels:
0 Helpful
17 Replies 17

netternewbie
Level 1
Level 1
In response to netternewbie

‎10-25-2012 02:24 AM

Sorry for another post but even though I can ping the box from the ACE I can't from the 6500.

0 Helpful

Cesar Roque
Level 4
Level 4
In response to netternewbie

‎10-26-2012 11:29 AM

Hi Netter,

If sounds good open a TAC case to check on this issue

---------------------
Cesar R
ANS Team

--------------------- Cesar R ANS Team
0 Helpful

netternewbie
Level 1
Level 1
In response to Cesar Roque

‎11-07-2012 07:17 AM

Hi Cesar,

Sorry for the delayed reply as I was on holidays. We found a fix. By adding the mac addresses in with a static entry in the fwsm context on the inside interface it fixed the problem and the servers remained contactable after 5 mins on the ACE.

As we won't be adding other servers to this context and after more testing it seems only this context is affected we are happy with this solution so we don't need to open a tac case.

No idea what caused this though.

Thanks for all the help.

Nettie.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card