Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
555
Views
10
Helpful
5
Replies

CSM: Maximum policies under 1 vserver

jofi
Level 1
Level 1

‎06-09-2004 02:08 AM

Hi,

We are migrating from CSS to CSM.

For one particular VIP on the CSS we have about 20 Contentrules (each time different url's), the services used in these contentrules are not always the same.

We have run in to a problem on the CSM. We created a vserver, and started adding policies.

Each of those 20 contentrules on the CSS = 1 policy, each policy=1 headermap and 1 serverfarm. (in the headermaps we only use host-header names, without wildcards)

The 7th policy didn't work anymore, as did the 8th, and when you add a 9th all policies in the vserver stop functioning.

We found out that the vserver runs out of memory. Each time we add a policy the memory-usage of that vserver more than doubles (checked it with "show mod csm 5 mem).

The vserver with 1 policy uses about 237 bytes, 2 policies=860 bytes, 3=2348,... with 8 policies it's 141824 bytes, and finally 9=insufficient memory (the maximum is 260944 bytes).

Are we doing something fundamentally wrong? We use policies so we can use different serverfarms.

We have opened a case for this with the TAC, but it seems strange to me that nobody has noticed this before.

Did somebody run in to this issue before?

Regards,

Joeri

Labels:
0 Helpful
5 Replies 5

Gilles Dufour
Cisco Employee
Cisco Employee

‎06-09-2004 03:04 AM

The TAC engineer that handles your case will soon send you the following answer.

The problem is the 256k memory available for the policies. As you already know, you are running out of memory with your policies.

The reason the memory usage increases exponentially is when you try to match something like *STRING*.

The double * is the problem. It should be avoided.

Now, you are going to tell me you are not using such a search criteria.

The 2nd problem is that the CSM converts header map into a ** string.

So each header map is equivalent to a *STRING*.

There is no workaround to this currently.

You have to avoid header map or reduce the number of policies [try to combine them]

Gilles.

jofi
Level 1
Level 1
In response to Gilles Dufour

‎06-09-2004 03:36 AM

Thanks Gilles!

Although that it's not exactly good news :-S

Regards,

joeri

0 Helpful

jfoerster
Level 4
Level 4
In response to Gilles Dufour

‎06-10-2004 01:27 AM

Hi Gilles,

I'm intrested in some more details about this as I've implemented an environment with url-maps checking for certain urls. One of them looks like

map FOO url

match protocol http url /foo

match protocol http url /foo*

match protocol http url /foo/*

I need the asterix as /foo did not fetch up all suburls of /foo :-(

May I have the same issue if I've to add some more policies (right now there are 4 like this). I did not check the sh mod csm X mem command so far but I want to make the customer be aware of a potential problems adding more maps like the above one.

Thanks in advance for answering...

Kind Regards,

Joerg

0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to jfoerster

‎06-10-2004 08:56 AM

one asterisk at the end is ok.

What should be avoided is a match of a string in the middle of a url like - match protocol http url *foo*

Regards,

Gilles.

jfoerster
Level 4
Level 4
In response to Gilles Dufour

‎06-10-2004 11:34 PM

Hi Gilles,

thanks for the answer this is what I hoped to receive as answer....

THANKS

Regards,

Joerg

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card