Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2741
Views
0
Helpful
4
Replies

ACE - TMG 2010 locks-up when overwhelmed with requests

edgarfc254
Level 1
Level 1

‎02-07-2012 01:28 AM

ACE service module providing loadbalacing to four TMG 2010 boxes. All works well when the Internet is availble. Problem comes when there is an Internet outage for more that 5 minutes, the TMG boxes simple lockup and cannot service any kind of connection.

The situation is brought back to normal by stopping the ACE from servicing traffic and rebooting the TMG boxes when the Internet is back up.

I am looking for ways to limit connections that are sent to the server farm or to stop requests being sent to the server farm when there is an Internet outage. Any ideas?

Labels:
0 Helpful
4 Replies 4

Daniel Arrondo Ostiz
Cisco Employee
Cisco Employee

‎02-07-2012 06:36 AM

Hi,

I assume that the outage comes from the fact that client connections pile up on the TMG boxes since there is no internet connectivity to serve them. Is this correct?

If so, what you could do is configure a maximum number of connections allowed per server. When that limit is reached, the ACE will stop sending new connections to it. This way, you should be able to stop sending new connections before the server gets overloaded.

For more details on how to configure this, have a look a the link below

http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/vA2_3_0/configuration/slb/guide/rsfarms.html#wp1086777

I hope this helps

Daniel

0 Helpful

edgarfc254
Level 1
Level 1
In response to Daniel Arrondo Ostiz

‎02-07-2012 08:01 AM

Your assuption is correct. Will work on configuring the maximum number of connections and monitor the effects.

Thanks Daniel

0 Helpful

Paul Pinto
Level 1
Level 1
In response to edgarfc254

‎02-09-2012 01:13 AM

Good day gentlemen,

Would it not be an option to implement a health probe to a site or two on the www (eg. http://www.google.com) an apply to each TMG rserver. If there is an Internet outage the probes would fail and the servers would te taken out of service. This is assuming you do not already have this in place.

This in conjunction with the maximum number of connections allowed per server may be an optimal solution?

Just a thought.

Regards

Paul

0 Helpful

Rafael Mendes
Level 2
Level 2
In response to Paul Pinto

‎04-27-2012 08:19 AM

Edgard,

Can post your configuration for this?

I trying configure too...

Tks!

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card