cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
613
Views
0
Helpful
1
Replies

How cisco CSM parses packets?

vladimirsaltao
Level 1
Level 1

Hi all, Some days ago i had a problem with a Cisco CSM configuration. The short history is that i had to change the parse-length (virtual server submode) command to the max. 4000 bytes value for this implementation to work, if i dont do this the CSM sends resets to the client. what i would like to know is if someone knows how the CSM parses packets when it is "searching" for a string,cookie,etc, i am having some difficulties finding info about this.

1 Accepted Solution

Accepted Solutions

Gilles Dufour
Cisco Employee
Cisco Employee

The parse length on the CSM is the amount of bytes we can store to find the needed information (ie: cookie).

So when we get an HTTP request or response the CSM will buffer everything it received up to max parse-len or header limit (\r\n\r\n).

Once we reached the end of the HTTP header we stop buffering.

While buffering we also start looking for the info that we need.

If we do find it we also stop buffering.

There is nothing magic here.

If the HTTP header gets so big that the info we are looking for goes beyond the max-parse-len when we start buffering looking for the info, we endup using all the buffer space allocated to the connection and decide to drop the connections as we don't know if the info is just not there, or somewhere further in the header but we don't have space to buffer more.

When the CSM was created a long time ago, 2000bytes for the header was normal.

Nowadays, http header tends to be bigger and it is very often require to bump the parse length even further than 4000 bytes.

This can be done with a variable.

Gilles.

View solution in original post

1 Reply 1

Gilles Dufour
Cisco Employee
Cisco Employee

The parse length on the CSM is the amount of bytes we can store to find the needed information (ie: cookie).

So when we get an HTTP request or response the CSM will buffer everything it received up to max parse-len or header limit (\r\n\r\n).

Once we reached the end of the HTTP header we stop buffering.

While buffering we also start looking for the info that we need.

If we do find it we also stop buffering.

There is nothing magic here.

If the HTTP header gets so big that the info we are looking for goes beyond the max-parse-len when we start buffering looking for the info, we endup using all the buffer space allocated to the connection and decide to drop the connections as we don't know if the info is just not there, or somewhere further in the header but we don't have space to buffer more.

When the CSM was created a long time ago, 2000bytes for the header was normal.

Nowadays, http header tends to be bigger and it is very often require to bump the parse length even further than 4000 bytes.

This can be done with a variable.

Gilles.

Review Cisco Networking for a $25 gift card