Solved: Re: Idle Oracle DB connection through ACE dropped after 1 hour

zac.quinn · ‎08-27-2009

Hi folks,

I'm looking for some ideas how to troubleshoot a problem we're having with an Oracle App.

What we are finding is that when a request takes more than an hour for the Oracle DB to process the connection is being dropped.

When wireshark is used at DB server interface we see nothing for an hour and then a single packet RST,ACK with the source identified as the App Server.

We have an App server farm that is behind an ACE module that is in bridging mode. The DB server is on another VLAN so the path the traffic takes is from the App Svr through the ACE from the back to the frontside vlan, through the 6506's MSFC to be routed to the DB server.

Path like this:

Appserver|-->VL203-->|ACE|-->VL202-->|L3 Switch|-->VL200-->|DB Server

If we move the App server to Vlan 202 in front of the ACE the process carries on to completion (after 75 mins).

Is there anything in the ACE settings that could cause the connection to be dropped after an hour for traffic that should simply be being bridged through?

Any suggestions as to where to look next would be appreciated.

TIA

Zac

Gilles Dufour · ‎08-27-2009

the default idle timeout on the ACE is 1 hour.

This is true for all traffic - not just loadbalanced.

If you want to change this, you need to create a policy to match your traffic and use a parameter-map of type connection where you set the inactivity timeout to whatever value is required for your environment.

Gilles.

View solution in original post

Gilles Dufour · ‎08-27-2009

the default idle timeout on the ACE is 1 hour.

This is true for all traffic - not just loadbalanced.

If you want to change this, you need to create a policy to match your traffic and use a parameter-map of type connection where you set the inactivity timeout to whatever value is required for your environment.

Gilles.

zac.quinn · ‎08-27-2009

OK Gilles, I'll look at that in the morning. However, this is where it gets interesting.

We have DB servers on two other VLANs routed by the same switch. The connections to those DB servers don't get cut off after an hour (In the connection path I outlined swap VLAN 200 for VLAN 50 or VLAN 205) One of them is even behind the ACE in a different server farm.

Zac

zac.quinn · ‎08-27-2009

Diagram attached if it helps.

Gilles Dufour · ‎08-27-2009

this is an inactivity timeout.

So the connection has to be idled.

Also, would you have 'no normalization' on those vlans ?

Gilles.

zac.quinn · ‎08-27-2009

No I have not added the 'no normalization' to any VLANs on the ACE.

The way we've been testing is to use a SQLnet session to execute a sleep for 75 mins command on the DB server to create the idle connection. It works through to completion to the DB servers in Vlans 206 and 50 but fails after an hour to the DB servers in 200.

zac.quinn · ‎08-28-2009

OK we've cracked it. Turns out the DB servers that succeed are running windows and the ones that fail are solaris. The windows servers were sending keepalives every 5 mins whilst the solaris were not (default of 2 hours). We've set the timer on the solaris boxes to 15mins and all is now good. Thanks for your help Gilles.

Regards,

Zac