01-27-2011 06:03 AM
Hi All,
We currently have a situation where we are sending traffic from an ISA server to our VIP hosted on the ACE, but we are using a layer 3 IP based stickyness (30 min timeout), and we are seeing that the same rserver is 'sticking' on its return within the 30 mins period.
There are multiple clients which connect to the one VIP address, rough ascii diagram below
C1 C2 C3 Cn
\ \ / /
\ \ / /
----------------------------------
: I S A :
----------------------------------
:
:
VIP
/ \
/ \
R1 R2
R1/R2 = Rservers
C1/2/3/n = Clients
We would like to perform a sessions / layer 7 based sticky, but I'm not sure which configuration and post implementation testing is required to check that everything is working ok? FYI all the clients refer to the same URL to get to the ISA
Any help on this would be great!
Cheers,
Rob
Message was edited by: robwu2006
01-27-2011 06:42 AM
if the traffic is http and clients are using browser the simplest way to do sticky would to have the ace insert a cookie i.e.
sticky http-cookie ACECOOKIE
cookie insert browser-expire
replicate sticky
serverfarm serverfarm1
this inserts a cookie on the first response that is tied to the server. use of browser-expire means when the ace sends the client the set-cookie it will not include an expires line so the browser will continue to use it until they close the browser session.
if we don't use broser expire i.e.
sticky http-cookie ACECOOKIE
cookie insert
timeout 30
replicate sticky
serverfarm serverfarm1
when the ace sends the set-cookie in the response to the first get it will include an expire time (in GMT) and browser itself is smart enough to stop using this cookie when it expires.
ace can also learn cookies from server, or sticky can be done on http headers .
with cookie insert it is a static entry into the cookie databse so there is one unique value of the cookie for each server.
regards
01-27-2011 09:14 AM
Yes sorry to mention, we are trying to load balance HTTP traffic, on one particular port.
Is there a good set of commands to verify that the cookie stickiness is working/not working?
Cheers
Rob
01-28-2011 06:52 AM
There isn't really a good way to verify this on teh ace itself. Because when we insert
a cookie it is a static entry that is there all the time. You can see it with
show cookie database static you will see
Switch/sam# show sticky da static
sticky group : QA.MYPORTICO-HTTP-STICKY
type : HTTP-COOKIE
timeout : 720 timeout-activeconns : TRUE
sticky-entry rserver-instance time-to-expire flags
---------------------+--------------------------------+--------------+-------+
R2958891576 SLEEPY:80 never -
sticky group : SAM-D2L-HTTP-STICKY
type : HTTP-COOKIE
timeout : 720 timeout-activeconns : TRUE
sticky-entry rserver-instance time-to-expire flags
---------------------+--------------------------------+--------------+-------+
R2833108882 ADAMA:80 never -
sticky group : SAM-D2L-HTTP-STICKY
type : HTTP-COOKIE
timeout : 720 timeout-activeconns : TRUE
sticky-entry rserver-instance time-to-expire flags
---------------------+--------------------------------+--------------+-------+
R349361917 STARBUCK:80 never -
sticky group : SAM-D2L-HTTP-STICKY-DEV
the values starting with R will be the cookie values for each server.
I
if however you are learning a cookie then
show sticky database group
will show entries for each of the server cookies learned in response back to client.
whenever you think you have a problem with sticky the quickest way to verify if it is not working correctly is to reduce serverfarm to 1 seerver in service then if problem goes away it is probably sticky (although could be a malfunctioning server and you took it out)
the definitive way to troubleshoot is with a packet capture of ace front end and back end traffic. here you would be able to see if sticky is broken .
02-14-2011 04:21 AM
Hi litrenta
Thanks for the infor, we will be implemented this later this wk, so will let you know how we go! Also sorry about the late reply, a few wks of holidays!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide