Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1036
Views
5
Helpful
6
Replies

sticky database client display

Go to solution
bmcginn
Level 3
Level 3

‎10-14-2010 09:15 PM

Hi all,

I'm trying to find a way to associate a STICKY Database entry with a client IP address.

The command show sticky database client IP.IP.IP.IP show's nothing.

The sticky table is being populated with a Sticky-group using HTTP-COOKIE as the type.

When I type the following command, I get an output.

show sticky database

sticky group : STICKY_COOKIE
type         : HTTP-COOKIE
timeout      : 90            timeout-activeconns : FALSE
  sticky-entry          rserver-instance                 time-to-expire flags  
  ---------------------+--------------------------------+--------------+-------+
  5138607821191281749   TESTSVR70:9806                    1603           -

When I run the command

show sticky database client 10.2.8.54 (which is my IP - and I've just connected to the VIP and consequently to a server) i get the following:

ACE1/TEST_CTX# show sticky database client 10.2.8.54
ACE1/TEST_CTX#

In fact, for all the sticky entries there (and there are a lot of them) I can't find a way to see the corresponding client IPs.  Does something need to be turned on for this functionality to work?

FYI the ACE is a module in a 6500 and it's running:

Software
  loader:    Version 12.2[120]
  system:    Version A2(3.2) [build 3.0(0)A2(3.2)]
  system image file: [LCP] disk0:c6ace-t1k9-mz.A2_3_2.bin

Any help is very much appreciated as it is annoying trying to troubleshoot a problem without that info.

Also, hooking up a wireshark thing to do a capture doesn't seem to be an efficient way to find the info I need..

Again, thanks in advance.

Brad

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Gilles Dufour
Cisco Employee
Cisco Employee

‎10-15-2010 01:21 AM

Your sticky type is a HTTP cookie.

Since the cookie length can be anything, we can't save the complete cookie.

So what we do is hash the cookie value into a 64bits long value which corresponds to the sticky entry "5138607821191281749".

Therefore it is not possible from an ip address to find the corresponding sticky entry.

Gilles.

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Gilles Dufour
Cisco Employee
Cisco Employee

‎10-15-2010 01:21 AM

Your sticky type is a HTTP cookie.

Since the cookie length can be anything, we can't save the complete cookie.

So what we do is hash the cookie value into a 64bits long value which corresponds to the sticky entry "5138607821191281749".

Therefore it is not possible from an ip address to find the corresponding sticky entry.

Gilles.

0 Helpful

Go to solution
bmcginn
Level 3
Level 3
In response to Gilles Dufour

‎10-17-2010 03:17 PM

Gilles,

That explains it then.

Also, going from that I then assume it will be difficult for me to be able to find out who is associated to each sticky entry?

Do you know if there's a way to do that easily?

Brad

0 Helpful

Go to solution
Gilles Dufour
Cisco Employee
Cisco Employee
In response to bmcginn

‎10-18-2010 12:53 AM

This is currently not possible.

But we have added a new command in the future 4.1.x version which can let you display connections attached to a sticky entry.

Gilles.

Go to solution
bmcginn
Level 3
Level 3
In response to Gilles Dufour

‎10-18-2010 03:14 PM

That will be helpful..  I don't suppose you know when that version of code will be available?

Brad

0 Helpful

Go to solution
Gilles Dufour
Cisco Employee
Cisco Employee
In response to bmcginn

‎10-19-2010 12:42 AM

The command will be "show conn sticky ".

The version 4.1.x will be supported on the Ace appliance and the new ACE30 module.

It is scheduled to be released in december/january...if all goes well.

Gilles.

0 Helpful

Go to solution
bmcginn
Level 3
Level 3
In response to Gilles Dufour

‎10-19-2010 02:53 PM

Giles,

Thats good to know.

From your answer though you didn't specify the ACE module as being a platform on which the 4.1 code is supported.  Does that mean the code won't work and/or isn't supported on the hardware I have here?  The sh module and the show version are below.  Thanks for your replies, its really great to speak to someone who is so closely associated with the ACE stuff.

NAME: "module 9", DESCR: "Application Control Engine Service Module"
PID: ACE10-6500-K9     , VID: V06, SN: SXX11111111

Cisco Application Control Software (ACSW)
TAC support: http://www.cisco.com/tac
Copyright (c) 2002-2010, Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained herein are owned by
other third parties and are used and distributed under license.
Some parts of this software are covered under the GNU Public
License. A copy of the license is available at
http://www.gnu.org/licenses/gpl.html.

Software
  loader:    Version 12.2[120]
  system:    Version A2(3.2) [build 3.0(0)A2(3.2)]
  system image file: [LCP] disk0:c6ace-t1k9-mz.A2_3_2.bin
  installed license: ACE-08G-LIC ACE-SEC-LIC-K9

Hardware
  Cisco ACE (slot: 9)
  cpu info:
    number of cpu(s): 2
    cpu type: SiByte
    cpu: 0, model: SiByte SB1 V0.2, speed: 700 MHz
    cpu: 1, model: SiByte SB1 V0.2, speed: 700 MHz
  memory info:
    total: 826136 kB, free: 213864 kB
    shared: 0 kB, buffers: 4032 kB, cached 0 kB
  cf info:
    filesystem: /dev/cf
    total: 1000512 kB, used: 395856 kB, available: 604656 kB

last boot reason:  reload command by bmcginn
configuration register:  0x1
BNESSB2ACE1 kernel uptime is 18 days 23 hours 33 minute(s) 9 second(s)

0 Helpful
Customers Also Viewed These Support Documents