02-19-2010 10:22 AM
Hi, we have a pair of servers that are load balanced for port 80 traffic to 198.x.x.21 using the h_www_tcp:80 content rule . I recently got a request that port 80 traffic directed to 198.x.x.21/apps/auction be directed only to one of the load balanced servers. I created a service and content rule r_auction_tcp:80, but traffic still seems to matching the load balancing content rule and going to the wrong server (the /app/auction site only exits on the first server).
I thought it might be sticyness so I experimented by assigning my pc IP addresses that have not be used and I would still end up on the wrong server with some of the addresses.
Any ideals?
content h_www_tcp:80
vip address 198.x.x.21
port 80
protocol tcp
advanced-balance sticky-srcip
add service webwa1.1_tcp:80
add service webwa2.1_tcp:80
redundant-index 1064
sticky-inact-timeout 480
active
service webwa1.1_tcp:80
ip address 10.6.3.30
protocol tcp
port 80
keepalive type tcp
keepalive port 80
redundant-index 130
active
service webwa2.1_tcp:80
ip address 10.6.3.31
protocol tcp
port 80
keepalive type tcp
keepalive port 80
redundant-index 140
active
content r_auction_tcp:80
vip address 198.x.x.21
redundant-index 1077
add service webwa1.1-auction_tcp:80
port 80
protocol tcp
url "/apps/auction/*"
active
service webwa1.1-auction_tcp:80
ip address 10.6.3.30
protocol tcp
port 80
keepalive type tcp
keepalive port 80
redundant-index 131
active
02-22-2010 02:06 AM
does that never work, or is it just some requests that sometimes fail to be remapped to the appropriate server?
It should normally work, but with the current config it is possible to see failures for session that stayed idle.
The solution is then to increase the flow-timeout-multiplier under each content rule to 50.
Gilles.
02-22-2010 05:24 AM
It does work about half the time. Seems to depend on the source IP address, once it doesn't work on a certain address it seems to "never" work. I tried adding the flow-timeout-multiplier 50 to each of the content rules but still have the same result.
03-09-2010 06:55 AM
Why don't you just disable service webwa1.1_tcp:80 or service webwa2.1_tcp:80? If you disable one of them, by default all traffic will go to the other. Currently, both appear to set as active which means they are available for requests.
03-11-2010 01:38 AM
Seems like the sticky src ip takes precedence.
Try to add the command : url "/*"
under the original rule.
It will force the traffc to be L7.
Gilles.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide