Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
711
Views
0
Helpful
3
Replies

CSM and Proxies

Go to solution
mark.duffy
Level 1
Level 1

‎06-23-2005 03:03 AM

Hi

I've just recieved a request from a customer who wants to load balance on their CSMs connnections that have effectively come from a proxy.

So a client will connect to an ichain box to authenticate, if the successful then they will be passed on to the virtual address. They need the address that hits virtual address to be sticky so the client always gets the same server. However because the request is forwarded on from the ichains box (which is acting as a proxy) the address will always be one of the 2 ichains boxes.

Can the source address used in a load balanced rule be pulled from the X-ForwardedFor section of the HTTP request?

Many thanks

Mark

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jfoerster
Level 4
Level 4

‎06-23-2005 09:29 AM

Hi Mark,

I guess this can be performed with http header stickieness but this requires CSM version 4.2 mentioned in the releasenotes (

http://www.cisco.com/en/US/products/hw/switches/ps708/products_module_configuration_guide_chapter09186a00803e006a.html#wp1030587)

From a config trial:

sticky 1 ?

cookie configure sticky group cookie

header configure sticky group header

netmask configure sticky group IP netmask

ssl configure sticky group ssl

so

sticky 1 header X-ForwardedFor 10

should do the job.

But insert one more line in the config:

variable HTTP_CASE_SENSITIVE_MATCHING 0

so that the matching is no longer case sensitive.

Kind Regards,

Joerg

PS

Please let me know about the outcome I only tested it with MSIDN but it should work with this header too

View solution in original post

0 Helpful
3 Replies 3

Go to solution
jfoerster
Level 4
Level 4

‎06-23-2005 09:29 AM

Hi Mark,

I guess this can be performed with http header stickieness but this requires CSM version 4.2 mentioned in the releasenotes (

http://www.cisco.com/en/US/products/hw/switches/ps708/products_module_configuration_guide_chapter09186a00803e006a.html#wp1030587)

From a config trial:

sticky 1 ?

cookie configure sticky group cookie

header configure sticky group header

netmask configure sticky group IP netmask

ssl configure sticky group ssl

so

sticky 1 header X-ForwardedFor 10

should do the job.

But insert one more line in the config:

variable HTTP_CASE_SENSITIVE_MATCHING 0

so that the matching is no longer case sensitive.

Kind Regards,

Joerg

PS

Please let me know about the outcome I only tested it with MSIDN but it should work with this header too

0 Helpful

Go to solution
mark.duffy
Level 1
Level 1
In response to jfoerster

‎06-23-2005 11:32 PM

Joerg

Many thanks for the speedy response and reply, we'll give it a go and see how it works.

We are lucky this is a migration from CSS to CSM so we can select the code from day one.

Once again thanks for your help

Mark

0 Helpful

Go to solution
jfoerster
Level 4
Level 4
In response to mark.duffy

‎06-26-2005 09:52 PM

HI Mark,

hmm did you do header stickiness with the CSS? I'm still searching for a good example on how to perform this. As far as I got things on the CSS header stickiness is not realy possible right?

Kind Regards,

Joerg

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card