Cisco Application :: ACE30 VIP Is Still Responding To Ping When Both Servers Are Down
Oct 30, 2012
I saw a strange beaviour in the ACE30 today.We are configuring most of our VIP:s with "loadbalance vip icmp-reply active" and I haven't thought about it that much.I just assumed it would do what the command says.Today an Intel tech called and said that he had taken down the webservice on port 80 on both servers in a serverfarm and he could still ping the VIP.I had a look in the ACE and saw that the VIP was marked OUTOFSERVICE. But he could still ping it at that moment.What is the criteria for the VIP not to respond to ping with the above command set?
View 5 Replies
ADVERTISEMENT
Apr 10, 2013
is there a possibility to get a load balancing across two rservers so: when client sends http://vip/ and it goes to rserver1 then url is sent without change when client sends http://vip/ and it goes to rserver2 then url is modified to http://vip/xyz/
Or maybe load balancing can be done across two serverfarms ?
View 3 Replies
View Related
Jun 17, 2012
What are the maximum number of real servers, server farms and virtual servers i can configure on ACE30 module,Is there any documentation available on cisco site where i can check this? Does it depend on the hardware or does it depend on the software version?
View 3 Replies
View Related
Oct 10, 2011
I recently deployed an ACE 4710 Appliance. Configs seems right but clients cant Ping the VIP and acnt also connect to the VIP. Also VIP Dosent show in 'sh arp'.
See the configs!!
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2011.10.11 10:48:14 =~=~=~=~=~=~=~=~=~=~=~=
sh runGenerating configuration....
[Code].....
View 8 Replies
View Related
Jan 6, 2013
I have ACE 30 module which is runing on SW 6500 in VSS mode, Vr. 15.0.2 with enugh power avilable ( 2550 W ) , i have insert the module at slot number 7 , the issues am facing it's desribe below :
7/0 ACE Expansion Card 1 ACEMOD-EXPN-DC 1.1 PwrDown
7/1 ACE Expansion Card 2 ACEMOD-EXPN-DC 1.1 PwrDown
And if i take out the blade and insert it again it's work for some time then goes down . here is the consle messages before it goes down :
.ACE platform with 2097152 Kbytes of main memory
.Loading disk0:c6ace-t1k9-mz.A4_1_0.bin. Please wait ....
Uncompressing Linux...
Starting the kernel...
[Code].....
View 2 Replies
View Related
Oct 26, 2011
Is it all possible to use an ACE30 to RHI a VIP which acts as route for servers on LAN A to reach LAN B . We have 2xL2 WAN circuits between 2 sites used by only 4 servers for (different L3 subnets for the hosts). I`m considering using a VIP to load balance across 2 WAN circuits using L3 interfaces on the MSFC either side as rservers with a single VLAN in/out on the ACE where the VIP resides - simlair to using the Cisco design for firewall load balancing minus the inspections etc. Obviously we can do this entirely in the MSFC but considering options.
View 1 Replies
View Related
Jul 12, 2012
I have a pair of ACE30 in Active/Standby mode. I can ssh to all active contexts. I can also ssh to all standby contexts except one.
View 6 Replies
View Related
Jan 16, 2013
We did a faulty ACE30 module swap in a HA pair. Both the ACEs have stopped syncing since then. Below is the error message I see:
FT Group ID: 1 My State:FSM_FT_STATE_ACTIVE Peer State:FSM_FT_STATE_STANDBY_CONFIG
Context Name: Admin Context Id: 0
Running Cfg Sync Status:Failed to convert/transform configuration to peer version
Both ACE modules are running 5.2 with the same license.sh ft peer status from both active and standby show the same results.
Peer Id : 1State : FSM_PEER_STATE_COMPATIBLEMaintenance mode : MAINT_MODE_OFFSRG Compatibility : COMPATIBLELicense Compatibility : COMPATIBLEFT Groups : 15
Am I missing something here?
View 5 Replies
View Related
Oct 25, 2011
Have a client with one ACE20 and now he needs a second one for redundancy.Since ACE20 is EOL, can I use an ACE30 with an ACE20 as a failover pair?
View 1 Replies
View Related
Jan 27, 2013
I have four rservers. I have found that if the first listed server in my serverfarm is off line, the entire farm quits working. How did I come to this conclusion? You see as part of "serverfarm host PORTAL-FARM" rservers "SISPOAS1 through 4". I can shut down any server except SISPOAS1 and all is well. The load balancer sees the probes have failed to that given server and continuses to load balance to the others. However, If I shut down SISPOAS1, nothing works. I confirmed this by eliminating SISPOAS1 from the configuration completely. After doing so, I could reproduce the exact same problem using SISPOAS2 since it is now the first rserver in the list after I removed SISPOAS1. I'm stumped! Looking at the configuration below, what am I missing???
access-list TRAFFIC line 8 extended permit ip any anyaccess-list TRAFFIC line 16 extended permit icmp any any
probe tcp 389 port 389 interval 2 passdetect interval 2 passdetect count 1 open 1probe tcp 636 port 636 interval 2 passdetect interval 2 passdetect count 1 open 1probe tcp 7777 port 7777 interval 2 passdetect interval 2 passdetect count 1 open 1probe tcp 7778 port 7778 interval 2 passdetect interval 2 passdetect count 1 open 1probe tcp 7780 port 7780 interval 2 passdetect interval 2 passdetect count 1 open 1probe tcp [Code]...
View 4 Replies
View Related
Jun 11, 2012
I am new to the ACE30. I a basic configuration from the CLI and I am trying to use the device manger. I am able to get to the web informational page rather then accessing the login page. I have rest the password for both the admin and www and still no go. my question is how to go into enabling the GUI access.
View 1 Replies
View Related
Feb 18, 2013
I would like to know if I can migrate the config from ACE20 to ACE30 (last software) without any issue.I don't have any ACE30 to test
View 3 Replies
View Related
Feb 4, 2013
is it possible to construct the L7 HTTP class-map expression to match all URLs except one? I have 1 correct url, for example: /correcturl.* and want to redirect requests to all other possible URLs to this one, without the need to list them all in "possitive match" statements.
View 6 Replies
View Related
Aug 25, 2012
We have a subnet setup on the ACE as follows:
interface vlan 300
description CALLISTA Environment
ipv6 enable
ip address 2001:388:608c:8b8::fffd/64
alias 2001:388:608c:8b8::fffe/64
peer ip address 2001:388:608c:8b8::fffc/64
ipv6 nd ra interval 30
[code]....
Notes:There is the primary subnet 130.194.13.0/26 and the secondary IP subnet 130.194.19.192/27?The nat-pool is configured to allow server initiated connections to their frontend VIP when necessary.We are noticing that when a server on the 130.194.19.192/27 subnet needs to communicate with a server on 130.194.13.0/26, albeit on the same VLAN, the destination server sees connections with a source IP of 172.16.25.231, which is the NAT address. Is this expected behavior, where connections between IP subnets, albeit on the same VLAN are NATed?
View 1 Replies
View Related
Aug 25, 2012
We have a subnet setup on the ACE as follows:
interface vlan 300
description CALLISTA Environment
ipv6 enable
[Code].....
We are noticing that when a server on the 130.194.19.192/27 subnet needs to communicate with a server on 130.194.13.0/26, albeit on the same VLAN, the destination server sees connections with a source IP of 172.16.25.231, which is the NAT address. Is this expected behavior, where connections between IP subnets, albeit on the same VLAN are NATed?
View 1 Replies
View Related
Nov 28, 2011
Am looking to upgrade the software on the ACE30 from: [code]. Any ACE30 guide that explains this. Have looked at the ACE30 configuration guide which I thought would cover this in the section "Managing The ACE Software", however everything else has been covered off except how to go about upgrading the software.
View 1 Replies
View Related
Apr 18, 2013
I have a strange behaviour with some ACE30 running A5 release :
Setup is in bridge mode, working correctly with a default gateway set in the context.
For some reason, some return traffic is being routed on the ACE instead of being bridged.
On what conditions would the ace decide to route the traffic of simply bridge it from the server vlan to the client vlan.
View 4 Replies
View Related
May 23, 2012
After upgrade from ACE20 with A2(3.5) to ACE30 with A5(1.2) I get failures in a number of server farm's, where before upgrade the number was zero. No drops in VIP and logs from applications do not notice any new errors.
View 2 Replies
View Related
Apr 14, 2013
I have a request to configure an ACE30 for Oracle Hyperion utilizing SSL termination at the SSL offloader(ACE30). Any sample configuration or template of some sort that could guide me through what needs to be configured. We have many applications on the ACE#) but this is the first time we are going to try SSL termination.
View 3 Replies
View Related
Nov 9, 2011
We currently have 6 admin context and they are all utilizing the same snmp engineid (Local SNMP engineID: 800000090441646D696E) which is causing issues as far as our monitoring/performance platform CA eHealth. Isn't the engineID, by default, the first interface on the device?
Doesn't seem to be the case on an ACE30.How is the SNMP engineID derived on the ACE30?
View 1 Replies
View Related
Oct 28, 2011
Last month I was reviewing following Cisco document, in which Cisco mentioned that ""To avoid possible memory fragmentation in the forwarding information base (FIB), Cisco recommends that the switch processor (SP) DRAM to a minimum of 1 GB ""
[URL]
Since this document has been revised in Oct 2011 and, I can't no more find the above memory recommendations.
I want know if any one using WS-SUP720-3B with IOS SXI6 and Cisco ACE30 has gone for upgrading the SP DRAM from 512MB(default) to 1GB ?
View 1 Replies
View Related
May 23, 2013
I need to upgrade a pair of ACE30s to 8Gbps.According to the administration guide, there will be no impact.BUT, it states also:
All license installations except one have no adverse impact to an operating ACE. [URL] Ofcourse, nothing is said about which one has impact.I assume it's the 16Gbps license but how to confirm this?
View 1 Replies
View Related
May 30, 2012
we use ACE30 module, ver. A4(1.0) for access to intranet application. The https connection from client is terminated on ACE module, LB algorithm is used and new SSL connection is initiated to the server. Standard operation works without problems.
But when user generates a .xls od .pdf report in the application, it should open in a new popup window. Problem is, that it does not (but on the server, the report is generated and stored). The PC and browser are configured fine, when accessing the application from the same PC directly (bypassing the ACE module), the popup window appears.
View 2 Replies
View Related
Aug 7, 2011
I`ve seen quite a lot of posts regarding SSH issues and the above SSH error. However the fix mainly involves upgrading clients but in this instance the client is are Cisco routers 3845 / 2811 - which we use for out and inband management.Connectivity / routing etc is proven. Using SSH v2 the actual 6500 chassis where the ACE is physically located works fine. Configuring SSH v1 on the ACE module allows connections via the 3845/2811`s but we cannot use this.Both have the following IOS Version 12.4(24)T4. I have tried various key sizes on the ACE module. [code]
View 4 Replies
View Related
Sep 9, 2012
We've got pairs of ACE30s in our data centers set up with active/standby FT. Some time yesterday the active ACE in one data center started refusing management traffic - it accepts SSH connections but fails authentication (local password, no RADIUS/TACACS is configured); and ANM reports it as down (no XML connectivity),We haven't opened a TAC case yet - someone's on his way over to see whether we can get in through the serial port first - but I'm wondering whether there are any other diagnostics we can gather (will resetting the module form the Sup force a coredump?) before we do.
View 2 Replies
View Related
Jan 28, 2013
Is there a way to convert TCP options header into an http header using Cisco ACE ? is there an equivalent solution with Cisco as the one proposed by F5 here: url.
View 7 Replies
View Related
Sep 6, 2011
I've got basic connectivty to our ACE30 module and when I try connecting to the management IP address (attached to the Admin context), I see a very basic GUI which only lists the CSM to ACE config conversion tool. I don't see a GUI as detailed in the document: url...How do I get the ACE Applicance Device Manager GUI working so that I can then configure real servers, serverfarms etc rather than via the GUI?Having read through copious amount of documentation I can't seem to find a refrence that would ne useful here. This should be a fairly straight forward exercise - do I need to install some other software to get the full fledged GUI working?
View 2 Replies
View Related
Dec 2, 2012
My ACE module ACE30-MOD-K9 crashed today, and at the show ver output i see "last boot reason: Service "cfgmgr" ".the curent version we running is Version A5(1.2) [build 3.0(0)A5(1.2).
After doing some research i found known bug that supposed to be fixed in this version: CSCtu36146
CSCtu36146—The ACE becomes unresponsive due to a configuration manager (Cfgmgr) process failure with the last boot reason: Service "cfgmgr."
View 2 Replies
View Related
Nov 6, 2012
I've run into an interesting problem trying to migrate my production config from my redundant ACE20's (A2(3.4)) to the new ACE30's (Tried (A4(1.0) and A5(1.0)). Everything on the ACE30 is working fine with a base config, but when the restore all is run from the ACE20 backup (backup all), the SSL files are not restored and return errors. All the contexts are restored correctly, along with the startup-config, but the running config fails due to no SSL.
All the crypto certs/keys are exportable and are present in the backup .tgz file.
View 1 Replies
View Related
Feb 16, 2013
ACE version is A5_2_1.the transfer was carried out by the following procedures.1) C6509 vlan set2) client and serverfarm vlan svclc vlan-group not included.3) ACE configuration. - FT vlan 999 - Client vlan 20 - Serverfarm vlan 154) ACE services enable
Problem occurs, I know why I do not know.
Was configured as follows.
======>> MSFC Configure (C6509#1 and C6509#2)
svclc autostatesvclc multiple-vlan-interfacessvclc module 4 vlan-group 150svclc vlan-group 20 999
C6509#1interface Vlan20 ip address 172.16.20.2 255.255.255.0 no shutdown
ip route 192.168.15.0 255.255.255.0 172.16.20.100
[Code]....
View 1 Replies
View Related
Sep 23, 2012
We are in the situation we have a active configuration with ACE30 doing normal load balancing in routed mode, we have tons of rservers going out on a VIP.we now had to add a new private network to a provider that strangely enough does not want to see our public or private addresses. we need to loadbalance towards him on a priovided subnet (still rfc1918) (IOS VRF bug? is that correct?)I have two options, add the network (new interface) to the active loadbalancers (contexts) and then tie in new policies to the active serverfarms or make a new context just to load balance towards this provider.(preferred)Now - If I do this, the rservers see the client source addresses from this new provider. as the loadbalancer does not "hide" the client IP's. I would then have to add static routers toward the new context - I would want to skip that.
is there a way, to make the loadbalancer hide the client addresses towards the rservers ? perhaps I'm just needing the correct search term to find the config example.
View 1 Replies
View Related
Sep 10, 2012
I am trying to get documentation on how to integrate an ACE30 module in a service chassis design integrated with the Nexus 7000 in routed mode. Only documentation I could find shows this design with the ACE30 module in a one arm mode. Any documentation that shows this implementation of this design?
View 2 Replies
View Related
Jan 4, 2012
client is unable to establish a connection to the backend servers via the vip on port 389 ,636 configured that servers are listening on these ports .even the probe is successful on port 389 but not getting any response back from the servers. [code]
View 1 Replies
View Related