Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1449
Views
0
Helpful
5
Replies

TCP Splicing

mahendra.raj
Level 1
Level 1

‎10-01-2009 10:58 PM

Hi

Please can you tell me what is TCP splicing and how it works / helps.

I am having issue in HTTP redirect using CSM.

After my investigation I suspect the CSM takes age to reply SYN_ACK for SYN packets because of that internmittently redirect is not working.

I hope some one should have had the same issue, can you please share with how to fix this?

Thanks

Labels:
0 Helpful
5 Replies 5

Gilles Dufour
Cisco Employee
Cisco Employee

‎10-02-2009 03:43 AM

TCP Splicing is explained here :

http://www.linuxvirtualserver.org/software/tcpsp/index.html

But it is not related to your issue.

Do you have a sniffer trace showing the problem ?

The only reason for the CSM not to respond immediately to a SYN is if it is overloaded.

It could also be because the SYN is dropped in the network.

Several 'show mod csm x tech' should show if the box is overloaded. Check counter with words like fifo, overflow, ...full.

Gilles.

0 Helpful

mahendra.raj
Level 1
Level 1
In response to Gilles Dufour

‎10-02-2009 03:59 AM

Hi - Thanks for your reply.

I have attached the sniff traffic (Public IP is hidden)...

when ever I get the page time out.. I am seeing a firewall (Nokia) log saying

"tcp packet out of state first packet isn't syn tcp_flags syn-ack"

At the same time I can see on the CSM Conns = 1 under Vserver

#######################################################

sh module csm 3 vservers name MY_WEB-RD detail

MY_WEB-RD, type = SLB, state = OPERATIONAL, v_index = 52

virtual = 10.10.10.10/32:80 bidir, TCP, service = NONE, advertise = FALSE

idle = 3600, replicate csrp = none, vlan = ALL, pending = 30, layer 4

max parse len = 2000, persist rebalance = TRUE

ssl sticky offset = 0, length = 32

conns = 1, total conns = 574

current load = 2, transition count = 0

Default policy:

server farm = HTTP_REDIRECT, backup =

sticky: timer = 0, subnet = 0.0.0.0, group id = 0

Policy Tot matches Client pkts Server pkts

-----------------------------------------------------

(default) 556 868 343

######################################################

Please advice this CSM is on our core, how safe it is to run the tech-support on this? I am bit afraid to run tech-support....!!!

In addition to that... I have bypassed the Nokia firewall and I tried it works perfectly no drops at all.. But I have this issue only when I go through the Nokia Firewall...!!!

Thanks for your help in advance...

Preview file
1063 KB
0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to mahendra.raj

‎10-02-2009 04:07 AM

do you have active and standby firewall ?

Is it possible that the CSM response goes to the wrong firewall ?

I know nokia firewalls use multicast mac-address which the CSM does not like very much...is the csm directly connected to the firewall ? Could you put the MSFC in between and route between msfc and firewall ?

G.

0 Helpful

mahendra.raj
Level 1
Level 1
In response to Gilles Dufour

‎10-02-2009 04:11 AM

well.. the CSM is in Bridge mode and MSFC routes all the traffic to NOKIA...!!

0 Helpful

mahendra.raj
Level 1
Level 1
In response to mahendra.raj

‎10-05-2009 11:35 PM

Hi All,

Any further lights on this for me to fix this...please?

Thanks

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card