Sticky problem - Page 2

michael.e.reid · ‎01-23-2007

Hi, we have an issue where the sticky tables on our CSS are too large, so that if a server fails, connections move to the rest of the farm. As the sticky table does not time out anytime soon the failed server does not get many connections when it is back online.

Sticky-inact-timer command does not work as this only makes the entries eligible for removal.

The content rule is a L4 on port 443, I tried to configure this as an L5 rule with arrowpoint cookies but I suspect this does not work as we are using SSL connection that is not terminated on the CSS.

The servers themselves send a cookie ? Can I make use of this or as the connection is port 443 am I stuck ?

Any other solutions would be much appreciated.

cheers,

Mike

michael.e.reid · ‎01-25-2007

Gilles,

No problem. I understand what you are saying that the timeout says '0'.

After applying the command 'sticky-inact-timeout 31' a suspend/active is not necessary is it or should it take affect immediately ?

Here it is this morning.

NLAMSDC2CS001# show sticky-table l3-sticky ipaddress x.x.x.x 255.255.255.255

L3 Sticky List on Slot 1, subslot 1:

Entries for page 1.

Entry Hash Rule Rule Srv Srv Time(Sec) Hit Col Elem Inact

Number Value Indx State Indx State Elapsed Cnt Cnt Type Cfg(Min)

------------------------------------------------------------------------------

2 911a7e32 13 ACT 12 ALIVE 64445 530 0 L3 0

Total number of entries found is 2.

And now I will purge it.

NLAMSDC2CS001(debug)# sticky-purge l3-sticky x.x.x.x 255.255.255.255

NLAMSDC2CS001# show sticky-table l3-sticky ipaddress x.x.x.x 255.255.255.255

L3 Sticky List on Slot 1, subslot 1:

Entries for page 1.

Entry Hash Rule Rule Srv Srv Time(Sec) Hit Col Elem Inact

Number Value Indx State Indx State Elapsed Cnt Cnt Type Cfg(Min)

------------------------------------------------------------------------------

Total number of entries found is 0.

And connect to the URL again - and now the inact timer is set to 31

NLAMSDC2CS001# show sticky-table l3-sticky ipaddress 145.26.126.50 255.255.255.255

L3 Sticky List on Slot 1, subslot 1:

Entries for page 1.

Entry Hash Rule Rule Srv Srv Time(Sec) Hit Col Elem Inact

Number Value Indx State Indx State Elapsed Cnt Cnt Type Cfg(Min)

------------------------------------------------------------------------------

1 911a7e32 13 ACT 29 ALIVE 2 3 0 L3 31

Total number of entries found is 1.

cheers,

Mike

michael.e.reid · ‎01-25-2007

Gilles,

Progress.

Now my entry has gone.

NLAMSDC2CS001# show sticky-table l3-sticky ipaddress x.x.x.x 255.255.255.255

L3 Sticky List on Slot 1, subslot 1:

Entries for page 1.

Entry Hash Rule Rule Srv Srv Time(Sec) Hit Col Elem Inact

Number Value Indx State Indx State Elapsed Cnt Cnt Type Cfg(Min)

------------------------------------------------------------------------------

Total number of entries found is 0.

I am going to try again to verify ? Do you think a complete sticky-purge is needed to make the inact-timeout become active ?

NLAMSDC2CS001# show sticky-table l3-sticky ipaddress x.x.x.x 255.255.255.255

L3 Sticky List on Slot 1, subslot 1:

Entries for page 1.

Entry Hash Rule Rule Srv Srv Time(Sec) Hit Col Elem Inact

Number Value Indx State Indx State Elapsed Cnt Cnt Type Cfg(Min)

------------------------------------------------------------------------------

1 911a7e32 13 ACT 16 ALIVE 9 3 0 L3 31

Total number of entries found is 1.

cheers,

Mike

Gilles Dufour · ‎01-25-2007

Mike,

yes a complete sticky-purge is needed as the entries would not disappear alone with the infinite timeout.

Gilles.

michael.e.reid · ‎02-22-2007

Gilles,

Quick one (hopefully) If I suspend/activate a content rule are the sticky entries associated with that rule purged ?

cheers,

Mike