Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1123
Views
0
Helpful
1
Replies

ACE: two URLs, cookie stickyness

apasquino
Level 1
Level 1

‎09-17-2010 02:21 AM

Hello Experts,

I have a couple of ACE that load balances two web servers using stickyness with cookie insert (BTW the topology is one armed mode). You can see the sanitized config below:

rserver host WEBSERVER1

  ip address 10.10.10.101

  inservice

rserver host WEBSERVER2

  ip address 10.10.10.102

  inservice

serverfarm host MY-SF

  rserver WEBSERVER1

    inservice

  rserver WEBSERVER2

    inservice

sticky http-cookie MY-COOKIE MY-SF-STICKY

  cookie insert

  replicate sticky

  serverfarm MY-SF

class-map match-all WEB-VIP

  2 match virtual-address 10.10.10.100 tcp eq www

policy-map type loadbalance http first-match WEB-POLICY

  class class-default

    sticky-serverfarm MY-SF-STICKY

policy-map multi-match VIPS

  class WEB-VIP

    loadbalance vip inservice

    loadbalance policy WEB-POLICY

    loadbalance vip icmp-reply active

    nat dynamic 10 vlan 222

interface vlan 222

  ip address 10.10.10.1 255.255.255.0

  alias 10.10.10.10 255.255.255.0

  peer ip address 10.10.10.2 255.255.255.0

  access-group input IP-ICMP-ANY

  nat-pool 10 10.10.10.200 10.10.10.200 netmask 255.255.255.0 pat

  service-policy input VIPS

  no shutdown

The web application asks the Client to connect to two different URLs, for example red.xyz.com and blue.xyz.com.

For each URL the Client receives correctly a cookie. How can we force the ACE to send for each of the two URLs a cookie that sticks to a unique real server ? Shall we change the load balancing policy ?

Thanks a Lot

Andrea

Labels:
0 Helpful
1 Reply 1

jlamousn
Level 1
Level 1

‎09-17-2010 08:23 AM

Andrea,

Are both urls resolving to the same vip address.  If so, The ace does not care about the  url when inserting cookies.  Any connections that comes to the same vip address will get  the cookie.  The client will remember the cookie for that url, however, and if the client  connects on a subsequent request to the same vip address but using a different url, more  than likely the client will not provide the cookie that it had learned from the previous  request at the other url, and that will cause the ace to potentially load balance that  request to a new server.  So it will be possible in this scenario for the client to be  stuck to two different servers to the same vip address, one for each url or FQDN.

Thanks
Joel Lamousnery
TAC Customer Support Engineer

Joel Lamousnery CCIE R&S - 36768 Engineer, Customer Support Technical Services
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents