03-22-2010 05:02 PM
i dotn seem to be getting a round robin effect on any of the 8 web servers being load balanced.
example from sh sticky database group GROUPn
4427481407323410243 WEB-SRV2:0 0 -
2452774824762134266 WEB-SRV1:0 0 -
8113453920705035427 WEB-SRV1:0 0 -
17215884597540077782 WEB-SRV1:0 0 -
123286896185049456 WEB-SRV2:0 0 -
13101217844384152730 WEB-SRV2:0 0 -
8462688148628735445 WEB-SRV2:0 0 -
8799530925601492925 WEB-SRV1:0 0 -
9158066764881164093 WEB-SRV1:0 208 -
4233929232369710669 WEB-SRV1:0 469 -
652881741833831225 WEB-SRV1:0 730 -
11929551358522611685 WEB-SRV2:0 935 -
2201018326228455336 WEB-SRV2:0 1024 -
540836670260610939 WEB-SRV2:0 1406 -
4341078594550796939 WEB-SRV1:0 1567 -
MY STICKY CONFIG
sticky http-cookie JSESSIONID GROUP6
replicate sticky
serverfarm WEB_FARM1_FARM
any ideas ?
Thanks in advance
Solved! Go to Solution.
03-24-2010 06:10 AM
As soon as you enable stickyness you can't see if the box is doing the correct predictor function.
This is because stickyness has a higer importance.
For example, take 2 users, they should be RR to your 2 servers.
But one user open 100 connections very quickly and then nothing and the other user open only 1 connection very hour.
Any command you use will show you that the first rserver got 100 connections and the 2nd one just a few.
You will also see the 2nd one getting all new connections.
And you could also see a single entry in your sticky database once the first user entry times out.
And during this time, ACE is working correctly.
As you can see with a basic example, it is impossible to guarantee even load distribution.
This is the result of stickyness.
Nothing you can do about this.
Gilles.
03-22-2010 11:43 PM
Please, paste your config here. That should help to find answer.
03-23-2010 06:48 PM
Configs - ip etc removed
rserver host WEB-SRV1
ip address nnnnn
probe SRV_PROBE
inservice
rserver host WEB-SRV2
ip address nnnnn
probe SRV_PROBE
inservice
serverfarm host WEB_FARM
rserver WEB-SRV1
inservice
rserver WEB-SRV2
inservice
serverfarm host HTTPS_FARM
rserver WEB-SRV1 443
inservice
rserver WEB-SRV2 443
inservice
ssl-proxy service NAME_SSL_PROXY
key name.key
cert name.crt
chaingroup NAME_CHAINGP
sticky http-cookie JSESSIONID GROUP1
replicate sticky
serverfarm WEB_FARM
class-map match-all HTTPS_VIP
2 match virtual-address nnnn tcp eq https
class-map match-all WEB_VIP
2 match virtual-address nnnn tcp eq www
policy-map type loadbalance first-match HTTPS_LB_POL
class class-default
sticky-serverfarm GROUP1
insert-http X-Forward-For header-value "%is"
ssl-proxy client NAME_SSL_PROXY
policy-map type loadbalance first-match WEB_LB_POL
class class-default
sticky-serverfarm GROUP1
insert-http X-Forward-For header-value "%is"
policy-map multi-match CLIENT_VIPS
class WEB
loadbalance vip inservice
loadbalance policy WEB_LB_POL
loadbalance vip icmp-reply active
nat dynamic 1 vlan 151
policy-map multi-match HTTPS_VIPS
class HTTPS
loadbalance vip inservice
loadbalance policy HTTPS_LB_POL
loadbalance vip icmp-reply active
nat dynamic 1 vlan 151
interface vlan 15
description WEB DMZ
ip address nnn 255.255.255.192
alias nnn 255.255.255.192
peer ip address nnn 255.255.255.192
no normalization
no icmp-guard
access-group input any
access-group output any
nat-pool 1 nnn nnn+1 netmask 255.255.255.192 pat
service-policy input REMOTE_MGT
no shutdown
interface vlan 90
description CLIENT-FACING VLAN
ip address nnn 255.255.255.240
alias nnn 255.255.255.240
peer ip address nnn 255.255.255.240
mtu 1500
no normalization
no icmp-guard
access-group input any
access-group output any
service-policy input REMOTE_MGT
service-policy input HTTPS_VIPS
service-policy input CLIENT_VIPS
no shutdown
The topology is active/active the NAT is to route traffic back the way it came in - the servers use have static routes configured to work with the ACE NAT
03-23-2010 11:58 PM
if you look at the show sticky database, you get the list of cookie.
So basically, the list of clients that connected to Web_farm.
Those clients, when they connect for the first time do not havve any cookie and therefore the default predictor method is used to loadbalance them.
That is roundrobin.
So, indeed you should see a roundrobin distribution of the cookie.
However, if some clients stay active while others are idle, the sticky entry can timeout faster for some clients vs others.
And therefore, it is hard to maintain an even number of entries between the servers.
In conclusion, the command you are using can't be used to determine if ACE is correctly doing roundrobin or not.
Gilles.
03-24-2010 12:58 AM
Thanks Gilles
... OK so then sh rserver is the way to show that RR LB is working ?
03-24-2010 06:10 AM
As soon as you enable stickyness you can't see if the box is doing the correct predictor function.
This is because stickyness has a higer importance.
For example, take 2 users, they should be RR to your 2 servers.
But one user open 100 connections very quickly and then nothing and the other user open only 1 connection very hour.
Any command you use will show you that the first rserver got 100 connections and the 2nd one just a few.
You will also see the 2nd one getting all new connections.
And you could also see a single entry in your sticky database once the first user entry times out.
And during this time, ACE is working correctly.
As you can see with a basic example, it is impossible to guarantee even load distribution.
This is the result of stickyness.
Nothing you can do about this.
Gilles.
03-24-2010 08:08 AM
thanks this is now clearer to me
04-22-2010 07:27 AM
Hello,
There is an issue in your sticky configuration.
You have to put the command "cookie insert" in your http_cookie group
like this:
sticky http-cookie JSESSIONID GROUP1
replicate sticky
cookie insert
serverfarm WEB_FARM
In my configuration, when I remove it , stickyness don't work.
Rgds
Philippe
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide