Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
429
Views
9
Helpful
3
Replies

Will CSM timeout connections to servers even if it is not load balancing?

astanislaus
Level 2
Level 2

‎09-25-2007 07:19 PM

The following servers route through a CSM. Though they are not performing any load balancing they are keeping state of the connection through the load balancer. As for the load balancer, if this traffic is just routing through the CSM & performing no load balancing whatsoever, what will the CSM do once it does timeout & then receives traffic that is not initiating a new session but is the continuation of the previous session which just timed out on the CSM? Will the CSM drop the traffic or just route it through accordingly?

The destination addresses for the 2 servers having the issue are:

130.173.33.82

130.173.33.83

The CSM is routing to a Firewall context.

Also, the routes towards this particular 6500 SVI interfaces & CSM interfaces are the following:

All clients accessing this application would route through

ip route 130.173.33.0 255.255.255.0 130.173.34.69 - (Pointing to CSM interface. Traffic is then routed to a firewall context based on destination)

ip route 130.173.34.0 255.255.255.0 130.173.34.65 (Pointing SVI interface on 6500)

ip route 130.173.35.0 255.255.255.0 130.173.34.65 (Pointing to SVI interface on 6500)

Labels:
0 Helpful
3 Replies 3

Gilles Dufour
Cisco Employee
Cisco Employee

‎09-26-2007 12:33 AM

All traffic is subject to timeout in the CSM including the routed traffic.

If no flow exists for a packet, the default is to drop and/or reset the connection.

You can change this behavior with the variable ROUTE_UNKNOWN_FLOW_PKTS described @

http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/csm/4.2.x/command/reference/m_r.html

Gilles.

astanislaus
Level 2
Level 2
In response to Gilles Dufour

‎09-26-2007 04:42 AM

Gilles,

Thanks for your reply.

Should I set this variable to 2 or 3. I really don't understand what this variable is doing even after reading the link that you pointed me and how it will prevent the termination of the connection that is idle.

Could you please explain a bit more? Thanks in advance.

0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to astanislaus

‎09-26-2007 05:29 AM

the flow will still timeout.

But when packets will come and it does not match any flow, they will be routed instead of being dropped.

Set the value to "2".

Another solution could be to use a vserver with a catch-all ip 0.0.0.0/0 and set a bigger idle timeout there. You then uses a predictor forward serverfarm to route this traffic.

Gilles.

Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card