Solved: CSM 12 hour stickiness from two source addresses

ben.robinson · ‎11-22-2005

We have an environment where the traffic only originates from two source IP addresses (shared port forwarders). The server group need a 12 hour stickiness window for the Citrix sessions to be hitting the same server.

If we have two servers, ServerA and ServerB, this is the problem.

When maintenance is performed on ServerA. All traffic is sent to ServerB. When ServerA is back in operation the traffic does not use this server due to the sticky timeout of 720 minutes.

Is there anyway to clear the connections from one source on the CSM so the processing of packets will spread the load between the two servers?

Thanks.

Gilles Dufour · ‎11-23-2005

Ben,

clearing the connections without clearing the sticky table is useless. Because the sticky entry will simply forward the new connections back to the same server.

Also, there is no way to clear a particular sticky entry.

Finally, I think the solution for you would be to create static sticky entry.

You can force a client ip to go to a specific server.

If the server is down for maintenance, the CSM will simply select another one but will go back to the initial one if available.

To configure static entries, use the following commands

sticky 66 netmask /32

static client source x.x.x.x real x.x.x.x

Gilles.

View solution in original post

Gilles Dufour · ‎11-23-2005

Maybe you should not use stickyness in this scenario.

Predictor hash seems to be a good solution[ if the hash is such that each source is loadbalanced to a different server].

Otherwise, you should maybe clear the sticky table when you perform some maintenance.

Gilles.

ben.robinson · ‎11-23-2005

Thanks Gilles.

Is there anyway to clear the sticky table for a single entry. Example, just clear the table based on a source IP and real combination?

If not, should I just clear the conns? Will this command work to clear all connections to a single real server?

cle mod csm 4 conn real 10.1.2.10

The 10.1.2.10 is the real IP address of ServerA

Thanks,

Ben

Gilles Dufour · ‎11-23-2005

Ben,

clearing the connections without clearing the sticky table is useless. Because the sticky entry will simply forward the new connections back to the same server.

Also, there is no way to clear a particular sticky entry.

Finally, I think the solution for you would be to create static sticky entry.

You can force a client ip to go to a specific server.

If the server is down for maintenance, the CSM will simply select another one but will go back to the initial one if available.

To configure static entries, use the following commands

sticky 66 netmask /32

static client source x.x.x.x real x.x.x.x

Gilles.

slal · ‎11-24-2005

Hi Gilles,

Will this work with FWSM sitting between client and the CSM? FWSM is in routed mode and does static NAT for the VIP address for two destination servers.

eg

Client (2 proxys source)) -> FWSM (NATs the VIP) -> CSM -> server1/ server2 (destination - 2 x reals)

Thanks

Sanjay

Gilles Dufour · ‎11-25-2005

I don't see why it should not work.

G.