CSS One armed configuration

d.humphries · ‎02-12-2003

I have configured one armed configuration on a CSS11050. I have two web servers 10.1.1.1 and 10.1.1.2 with a vip of 10.1.1.3.

If one of the Server services fails or put into maintenance mode, the css will not failover to the existing service. the vip address has a dns entry. how does the css redirect traffic to this webserver change of services

cschneid · ‎02-12-2003

If a service fails then no *new* connections are sent to that service but existing connections to that service are allowed to complete.

If the content rule is L5 (using 'url') then the use of the global command 'persistence reset remap' may help. This command allows the CSS to remap HTTP 1.1 persistent connections.

d.humphries · ‎02-13-2003

I bumped the number of servers up to four and this seems to have fixed some of the problems. However when there is only one server remaining in the group(port 80 closed on all other servers), the session seems to hang and never directs the users to the only existing server. Many thnaks for the previous fix

Gilles Dufour · ‎02-13-2003

this is not normal.

If you have only 1 service active, all new connections should redirected to this

server.

Does the CSS sees the services as down (show summary) ?

What kind of keepalive do you have setup ?

If you need further assistance, could you please provide us with your config and a 'sho summary' when only 1 server is active.

Gilles.

d.humphries · ‎02-13-2003

CSS11050# sh run

!Generated on 01/01/2079 00:00:30

!Active version: ap0500063

configure

!*************************** GLOBAL ***************************

persistence reset remap

ip route 0.0.0.0 0.0.0.0 168.224.237.4 1

ip route 0.0.0.0 0.0.0.0 10.1.1.1 1

!************************* INTERFACE *************************

interface e1

bridge vlan 10

description " Server VLAN10 "

phy 100Mbits-FD

!************************** CIRCUIT **************************

circuit VLAN10

ip address 10.1.1.2 255.255.255.0

!************************** SERVICE **************************

service SERVER05

ip address 10.1.1.10

protocol tcp

active

service SERVER06

ip address 10.1.1.11

protocol tcp

active

service SERVER07

ip address 10.1.1.12

protocol tcp

active

service SERVER08

ip address 10.1.1.13

protocol tcp

active

!*************************** OWNER ***************************

owner Concur_IFS

content L5_connection

add service SERVER05

add service SERVER06

add service SERVER07

add service SERVER08

vip address 10.1.1.15

url "/*"

protocol tcp

port 80

advanced-balance sticky-srcip

active

!*************************** GROUP ***************************

group Concur_Servers

vip address 10.1.1.15

add destination service SERVER05

add destination service SERVER06

add destination service SERVER07

add destination service SERVER08

active

CSS11050#

CSS11050# sh summ

Global Bypass Counters:

No Rule Bypass Count: 0

Acl Bypass Count: 0

Owner Content Rules State Services Service Hits

Concur_IFS L5_connection Active SERVER05 562

SERVER06 124

SERVER07 117

SERVER08 107

GW6 · ‎02-18-2003

You need to add keepalives to your services. That way the CSS can ping the service and decide if it is up or down.

http://www.cisco.com/univercd/cc/td/doc/product/webscale/css/css_710/bsccfggd/services.htm#1026607

Gilles Dufour · ‎02-19-2003

the default keepalive is ICMP ping.

So, if you just disable the port 80, the service will still be alive and therefore the CSS will still forward traffic to it.

Configure keepalive for TCP port 80.

use the commands below under the service definition.

keepalive type tcp

keepalive port 80

You can also define a keepalive type of http if you want to check a specific url on the server.

Gilles.

d.humphries · ‎03-11-2003

Gilles

many thanks, you helped me soar with the eagles.