Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1488
Views
0
Helpful
1
Replies

sticky and backup/sorry serverfarm

rathinilesh
Level 1
Level 1

‎08-04-2011 08:30 AM

Hi All,

We currently have multiple SSL sticky tables configured for our client pointing to different VIPs.

We now also need to configure a backup/sorry serverfarm for our client so that connections get diverted to this sorry server when the primary serverfarm fails.

Also the "sticky" option for the backup serverfarm is not enabled.

My question is when a server in the primary serverfarm comes up what happens to the existing connections that are going to the backup serverfarm?

are those connections reset or do those connections stay till the sticky timeout expires?

After some google'ing around I came across the below document which says

http://cisco.biz/en/US/docs/interfaces_modules/services_modules/ace/vA2_3_0/configuration/slb/guide/sticky.pdf

"If you want to configure sorry servers and you want existing connections to revert to the primary server farm after it comes back up, do not use stickiness."

Does this mean that not using the "sticky" option for the backup serverfarm will revert all existing connections back to a server in the primary serverfarm?

Thanks in advance.

Regards,

Nilesh

Labels:
0 Helpful
1 Reply 1

chrhiggi
Level 3
Level 3

‎08-08-2011 03:41 PM

Hello Nilesh-

A bit of background -

When an rserver under a serverfarm fails (meaning arp is lost, or the probe fails), by default ACE will stop sending new connections to it. The new connections are sent to the remaining rservers in the serverfarm. If all rservers are down under said serverfarm, ACE will send a reset to the incoming SYN to the VIP.  The connections that existed on the particular rserver at the time if failed will always stay on the rserver. 

The reason that we leave the connections on the rserver is that often times a probe failure is simply due to a server being overloaded. We wouldn't want to reset all connections if the server was simply busy - however, ACE offers a bit of diversity in this area.  You can configure 2 failactions.

With failaction purge configured under the serverfarm, the ACE will send a RST to both the client and rserver for every connection that exists on said rserver under said serverfarm. 

With failaction reassign, ACE will send the connections to a backup rserver (if one is configured). This command is only used in firewall loadbalancing configurations.

In regards to sticky, the entries from the primary servers will always be in the table until the timout is reached.  This is regaurdless of the operational state of the server.

As applies to your question -

When the primary is back online, ACE simply sends the new connections to the primary. Any existing connections on the backup rserver(s) will stay put until the server or client close them - or if ACE idles the connection out.  There is no function like failaction purge that resets the connections when the primary is operational.

Regards,

Chris Higgins

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card