Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
434
Views
0
Helpful
1
Replies

ACE30 damages http requests again

p.hruby
Level 1
Level 1

‎01-14-2015 03:41 AM

Hello,

on my ACE module I have simple policy which distributes http requests to several backend servers.

 

class-map match-any VIP-DACP-WEBSERVICES
  2 match virtual-address 10.105.56.17 tcp eq www

policy-map type loadbalance first-match VIP-DACP-WEBSERVICES
  class class-default
    serverfarm DACP-WEBSERVICES
    insert-http x-forwarded-for header-value "%is"

 

 

policy-map multi-match DACP-WEBSERVICES
  class VIP-DACP-WEBSERVICES
    loadbalance policy VIP-DACP-WEBSERVICES

 

 

Sometimes HTTP request are damaged on the ACE. It means that content of the message which goes from ACE to backend rserver looks different than original message from client to ACE.

 

Corrupted data are always inside of <binaryData> code.

 

Original data to ACE:

<binaryData xmlns="http://www.cpoj.cz/dacp/xsd/comImportDocPageRequest">
SGzhmmVu7SBvIHpwcmFjb3bhbu0gc291Ym9ydSBwcm8gc3Rvcm5vIFBvZHNtbHV2
IHByb2R1a3R1IEFMDQoNClByb2NlcyB6cHJhY2924W7tIHNvdWJvcnUgVElBQUw0
OTAyMTkyMzEyMTQxMTIxX1MwMS5jc3YsIHBybyBy4W1jb3ZvdSBzbWxvdXZ1IOjt
c2xvIDQ5MDIxOTIzMTIgc3B1mnTsbv0gZG5lIDIyLjExLjIwMTQNVElBIGRvcGFkbCBzIG7hc2xlZHVq7WPtbSB2/XNsZWRrZW06DQoNCiAgIENl ...

 

Corrupted data from ACE to backend:

<page mimeType="text/plain" fileName="">
<binaryData xmlns="http://www.cpoj.cz/dacp/xsd/comImportDocPageRequest">
SGzhmmbu0gc291Ym9ydSBwcm8gc3Rvcm5vIFBvZHNtbHV2
IHByb2R1a3R1IEFMDQoNClByb2NlcyB6cHJhY2924W7tIHNvdWJvcnUgVElBQUw0
OTAyMTkyMzEyMTQxMTIxX1MwMS5jc3YsIHBybyBy4W1jb3ZvdSBzbWxvdXZ1IOjt
c2xvIDQ5MDIxOTIzMTIgc3B1mnTsbv0gZG5lIDIyLjExLjIwMTQNCnWeaXZhdGVs
ZW0gVElBIGRvcGFkbCBzIG7hc2xlZHVq7WPtbSB2/XNsZWRrZW06DQoNCiAgIENl ...

 

Differences in original and corrupted request are marked by red. Corrupted data are always 18Bytes long (there is CR LF between ..Vs and ZW0g in corupted data example)

 

I already experienced similar issue couple of months ago (see https://supportforums.cisco.com/discussion/12245716/ace30-damages-http-request )

But in current situation http messages are smaller (approx. 4000B).

I've tried to  apply following parameter map but nothing has changed.

parameter-map type http DACP-WS-PARSE
  set header-maxparse-length 65535
  set content-maxparse-length 65535
  length-exceed continue
  parsing non-strict

 

Petr

Labels:
0 Helpful
1 Reply 1

Kanwaljeet Singh
Cisco Employee
Cisco Employee

‎01-15-2015 05:53 AM

Hi Petr,

I would suggest collecting two sets of show tech as well as simultaneous front end and back end captures and open a TAC case. Let them have a look and get back to you analysis. ACE shouldn't change anything in the header except the insertion of XFF which you have configured. This needs to be investigated.

Regards,

Kanwal

Note: Please mark answers if they are helpful.

0 Helpful
Customers Also Viewed These Support Documents