Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
756
Views
0
Helpful
1
Replies

Cisco ACE VIP

jcricket31
Level 1
Level 1

‎03-14-2016 07:33 PM

Good Evening All,

I'm suddenly having issues with a VIP configured on a Cisco ACE module.  The VIP suddenly stopped responding to pings and is not serving content except for what looks like sticky connections.  The VIP has 2 real servers each averaging 500 active connections.  I've confirmed I can hang the service port on the real server from the load balancer, confirmed arp entry, but can not telnet from the load balancer to the VIP via the service port.  Also, the VIP is not responding to pings.  I've confirmed the confirmation is configured with icmp-reply's as active and the connection table shows the same amount of active connections as what is listened in the server farm details.

The one thing that caught my attention was, looking at the sticky database associated with the VIP, the database has over 4000 entries.  My understanding is there can only be a max of 4096 entries, whether dynamic or static, within a sticky group.  Would this cause new connections to be "denied" even though most the entries aren't active in the connection table?

Labels:
0 Helpful
1 Reply 1

Aleksey Pan
Cisco Employee
Cisco Employee

‎03-15-2016 01:58 PM

Hi ,

Not sure why the VIP is down, please make sure it is UP "show service-polisy..." make sure this service-policy that related to this VIP is under interface( Client-ACE).

What the status of the serverfarm and rservers, are they UP as well?

- If all these was checked, you can try to re-enable the VIP or re-add the service policy to the interface.

"

The one thing that caught my attention was, looking at the sticky database associated with the VIP, the database has over 4000 entries.  My understanding is there can only be a max of 4096 entries, whether dynamic or static, within a sticky group.  Would this cause new connections to be "denied" even though most the entries aren't active in the connection table?

"

- That could create an issue yes. Another thing if you have sticky-configured, how many rservers you have, and all of them UP? If one/some are down, all the connections that in sticky-database for those rservers, would fail. If this is a case, this is a normal behavior for some connection be denied and some not. You would need to clear the sticky database, and once all rservers are UP, clear it again, to load-balance them. But would not explain why VIP is unreachable.

All the related info, will be helpful:

- show service-policy det ..

- show serverfarm ...

- show rserver

-sh run int ...

and other related config to this VIP.

- Also, check the "show resource usage" from the Admin context, and check how the resources were allocated on the ACE. Maybe there denies also?

Regards,

Alex

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card