07-12-2013 01:41 PM
I have a CSS 11503 that we use to balance SIP calls(UDP) among our SIP servers.
We have a content rule that balances the incoming traffic and a source group to NAT the outbound traffic. Both the content rule and the source group use the same IP address.
When a SIP call arrives at one of our servers through the VIP an entry is created in the sticky table based on the sip-call-id as expected. But when we initiate a call from one of our SIP servers an entry is not created in the sticky table. When the remote SIP server responds the CSS sees a new sip-call-id and load balances the call instead of sending it back to the originating server.
Is there a way to add an entry to the sticky table for the sip-call-id when a source group is used?
Here is the pertinent config:
circuit VLAN2
ip address 10.10.1.3 255.255.255.0
ip virtual-router 25
ip redundant-interface 25 10.10.1.1
ip redundant-vip 25 10.10.1.233
no redirects
circuit VLAN3
ip address 10.10.2.3 255.255.255.0
ip virtual-router 52
ip redundant-interface 52 10.10.2.1
no redirects
service SIP03
ip address 10.10.2.233
redundant-index 130
active
service SIP08
ip address 10.10.2.238
redundant-index 180
owner test
content sip-udp-test
application sip
port 5060
protocol udp
flow-timeout-multiplier 38
vip address 10.10.1.233
redundant-index 103
balance weightedrr
add service TalkingSIP03 weight 1
add service TalkingSIP08 weight 1
advanced-balance sip-call-id
active
!*************************** GROUP ***************************
group sip-udp-test
vip address 10.10.1.233
flow-timeout-multiplier 38
redundant-index 200
add service SIP03
add service SIP08
portmap disable
A call comes into 10.10.1.233 on udp 5060, is load balanced to 10.10.2.233(SIP03), and an entry is added to the sticky-table for the sip-call-id.
When SIP03 starts a call to remote server 1.1.1.1 using source group IP 10.10.1.233 a sticky-table entry is not added for the sip-call-id and when 1.1.1.1 sends a response it is load balanced to either SIP03 or SIP08.
How can I keep the call that was initiated on SIP03 on SIP03?
Thanks,
Steven
07-15-2013 02:42 PM
Steven-
The "vip address" on your content rule is what matches the inbound traffic. Your outbound traffic is initiated to 1.1.1.1 which is not a vip ip, hence, it doesn't match the content rule. On the reverse - the response is mapping to a vip ip since the source was the natpool. I would assume that 1.1.1.1 server already had a connection through the vip and/or something changed slightly about the flow that classified it as a new inbound connection instead of re-mapping back through the sourcenat pool.
Chris
07-16-2013 05:53 AM
I think this problem is unique to UDP.
I assume there is an existing flow with the sourcenat when 1.1.1.1 responds. Is there a way get the CSS to use the flow in this instance instead of load balancing?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: