Solved: Cisco CSM: how to configure ldap probe?

thorsten.steffen · ‎04-01-2009

Hi all,

we use a cisco content switching module (CSM) with software version 4.3(1) and we balance a ldap service on two ldap servers.

For probing the real servers we use the default script (see attachment).

The probing interval is set to 10 seconds, the retries to 2.

Monitoring the real servers with ldap probes does not work as expected in the special case when the real server needs very long to answer the probe requests.

So the CSM does not mark the real server down when the answer exceeds the two retries (e.g. after 40s the real server answers).

The config for the vserver is showed below:

===

vserver LDAPDIR

virtual <ip> tcp 389

vlan 999

replicate csrp connection

no persistent rebalance

slb-policy LDAPDIR-POL

inservice

policy LDAPDIR-POL

serverfarm LDAPDIR-F

nat server

failaction purge

real name <server1>

inservice

real name <server2>

inservice

probe LDAP-HEALTH389

real <server1>

address <ip>

inservice

real <server2>

address <ip>

inservice

probe LDAP-HEALTH389 script

script LDAP_PROBE

interval 10

retries 2

port 389

===

Does anybody know what's the reaseon for this behaviour?

Many thanks in advance,

Thorsten Steffen

Gilles Dufour · ‎04-01-2009

Try to configure a receive time and a failed interval

failed time in seconds between probes of failed server

receive maximum time in seconds to wait for a reply from real server

Get a sniffer trace to verify the exact server delay.

Gilles.

View solution in original post

Gilles Dufour · ‎04-01-2009

Try to configure a receive time and a failed interval

failed time in seconds between probes of failed server

receive maximum time in seconds to wait for a reply from real server

Get a sniffer trace to verify the exact server delay.

Gilles.