[f-nsp] DSR configuration on WSM7 failing after about 50-60k requests

Flint Barber FBarber at nirvanix.com
Mon Apr 19 14:44:44 EDT 2010 

I am having an issue with WSM7 using TW 11.0.00dTG2. I can make about
50-60k requests in the space of about a minute before I get timeouts and
connection failures. This is from a single host to a DSR vip with 3 IIS
hosts on the backside. If I run the same query against an individual
server it takes a bit longer, but I don't get any failures. The
configuration is non-sticky and the queries are only about 15-20k each
using apachebench on a single url. When the serveriron starts reporting
failed connections or a query times out, I can still get to the real
servers normally. Any ideas on why this may be happening? Is there a
default setting within 11.0.00dTG2 that would need to be reset? I tried
overriding by adding client TRL and other settings for per user and for
per server, but none actually seemed to help, so I reverted.. Here is
the config, can anyone spot something wrong?? One note, the application
actually returns a 403 when asking for "/", so I want to make sure those
pass.. I did disable l7 after I added the 200 and 403 healthcheck
responses, so those are remnants are ignored..

 

Thanks!!

-Flint

 

SLB-SSH at SLB-HOMER-A#show run

!Building configuration...

!Current configuration : 2692 bytes

!

ver 11.0.00dTG2

!

module 1 bi-0-port-wsm7-management-module

module 2 bi-jc-8-port-gig-module

!

server backup ethe 2/1 0012.f2aa.4311 vlan-id 500

server backup-preference 5

config-sync sender ethernet 2/1 mac 0012.f2aa.6e00 vlan-id 500

! 

!

 

server port 80

 session-sync

 tcp

 tcp 4

server source-ip 10.1.2.170 255.255.255.0 0.0.0.0

!

server monitor

!

context default

!                                                                 

server real STAGE-N1-TS01 10.1.2.165

 port http

 port http max-conn 1000000

 port http url "HEAD /"

 port http l4-check-only

 port http status-code  200 200 403 403

!

server real STAGE-N1-TS02 10.1.2.166

 port http

 port http max-conn 1000000

 port http url "HEAD /"

 port http l4-check-only

 port http status-code  200 200 403 403

!

server real STAGE-N1-TS03 10.1.2.167

 port http

 port http max-conn 1000000

 port http url "HEAD /"

 port http l4-check-only

 port http status-code  200 200 403 403

!

!

server virtual STAGE-TEST-VIP 10.1.2.162                        

 predictor round-robin

 port default dsr

 port http

 port http tcp-only

 port http dsr

 bind default STAGE-N1-TS01 default STAGE-N1-TS02 default STAGE-N1-TS03
default

 bind http STAGE-N1-TS01 http STAGE-N1-TS02 http STAGE-N1-TS03 http

!

vlan 1 name DEFAULT-VLAN by port

 no spanning-tree

!

vlan 500 by port

 untagged ethe 2/1 

 no spanning-tree

!

vlan 112 by port

 untagged ethe 2/3 

 no spanning-tree

 ip-subnet 10.1.2.0 255.255.255.0

!

aaa authentication web-server default local enable

aaa authentication enable default local enable

aaa authentication login default local enable                     

aaa authentication login privilege-mode

enable super-user-password .....

no enable aaa console

hostname SLB-HOMER-A

ip address 10.1.2.11 255.255.255.0

ip default-gateway 10.1.2.1

ip dns domain-name nirvanix.com

ip policy 1 priority 1 tcp http global

telnet server

snmp-server

web-management enable vlan 112

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/foundry-nsp/attachments/20100419/c3a717a2/attachment.html>

More information about the foundry-nsp mailing list