Guest

Cisco LocalDirector 400 Series

How to Configure Cookie Sticky on LocalDirector

Document ID: 15063

Updated: Jan 31, 2006

   Print

Introduction

Before Cisco LocalDirector 430 (Version 3.3), LocalDirector had two options to configure server persistence.

  • Generic sticky, which relied on the client's source IP address.

  • Secure Socket Layer (SSL) sticky, which relied on an SSL identifier in an SSL packet.

Both methods are widely used today. Because of the growing need for additional methods to maintain server persistence, cookie sticky was added to LocalDirector. Cookie sticky uses cookie information contained in a HTTP header.

To use cookie information in a load-balancing decision, LocalDirector must proxy the connection before determining which server it sends a packet to. SSL sticky also proxies the connection to view the SSL identifier. Generic sticky does not proxy the connection because the information LocalDirector uses to load-balance is contained in the initial packet that goes to the LocalDirector.

Two methods of cookie sticky are available in LocalDirector 3.3:

  • Cookie-passive

  • Cookie-insert

Before You Begin

Conventions

For more information on document conventions, refer to the Cisco Technical Tips Conventions.

Prerequisites

There are no specific prerequisites for this document.

Components Used

This configuration was developed and tested using LocalDirector 430 (Software Release 3.3.4 and 4.2.4).

The information presented in this document was created from devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If you are working in a live network, ensure that you understand the potential impact of any command before using it.

Cookie-passive

Task

The sticky connection for the cookie-passive option relies on a cookie created by a real server.

  1. Before configuring the cookie, make sure LocalDirector has a route to its default gateway. You can do this by using the route command.

  2. Create the virtual server and real servers with virtual and real commands. After the virtual and real servers are created, use the sticky command to enable cookie sticky.

Note: For cookie sticky to work properly, the clock must be set accurately on LocalDirector and real servers. Use the clock set command to do this.

Step-by-Step Instructions

Follow the steps below

  1. Set the clock on the LocalDirector.

    localdirector(config)# clock set 09:34:00 january 29 2001
    localdirector(config)# show clock 
    
       Mon 09:34:04 Jan 29 2001 GMT 
    
    localdirector(config)#
  2. Set the ip address and default route on the LocalDirector.

    localdirector(config)# ip address 192.168.1.3 255.255.255.0 
    localdirector(config)# route 0.0.0.0 0.0.0.0 192.168.1.1 
    localdirector(config)# show route 0.0.0.0 0.0.0.0 192.168.1.1   1 OTHER static 
    localdirector(config)#
  3. Create the virtual IP address.

    localdirector(config)# virtual 192.168.1.5:80 is
    localdirector(config)# show virtual
    
  4. Create the real servers.

    localdirector(config)# real 192.168.1.18:80 is
    localdirector(config)# real 192.168.1.19:80 is 
    localdirector(config)# real 192.168.1.20:80 is
    localdirector(config)# show real
    
       Real Machines:  
       
                                                         No Answer  TCP Reset   DataIn 
     
       Machine                   Connect  State Thresh   Reassigns  Reassigns   Conns  
       192.168.1.20:80:0:tcp        0      IS      8        0          0           0 
       192.168.1.19:80:0:tcp        0      IS      8        0          0           0 
       192.168.1.18:80:0:tcp        0      IS      8        0          0           0 
    
    localdirector(config)#
    
  5. Bind the real servers to the virtual server.

    localdirector(config)# bind 192.168.1.5:80 192.168.1.18:80 
    localdirector(config)# bind 192.168.1.5:80 192.168.1.19:80 
    localdirector(config)# bind 192.168.1.5:80 192.168.1.20:80 
    localdirector(config)# show bind
             
       Virtual Machine(s)               Real Machines 
       192.168.1.5:80:0:tcp(IS)         192.168.1.20:80:0:tcp(IS) 
                                        192.168.1.19:80:0:tcp(IS)      
                                        192.168.1.18:80:0:tcp(IS)      
    localdirector(config)#
    
  6. Use the sticky command to enable cookie sticky.

    localdirector(config)# sticky 192.168.1.5:80 10 cookie-passive customer-cookie      
    localdirector(config)# show sticky 
    
       Virtual Machine(s)          Sticky 
       192.168.1.5:80:0:tcp        10 cookie-passive customer-cookie 
    
    localdirector(config)#

Cookie-insert

The sticky connection for the cookie-insert option relies on a cookie created by LocalDirector.

Note: For cookie sticky to work properly, the clock must be set accurately on the LocalDirector and real servers. You can make the time accurate by using the clock set command.

To make cookie-insert work, follow the instructions for cookie-passive and change the sticky command to read as follows.

localdirector(config)# sticky 192.168.1.5:80 10 cookie-insert  
localdirector(config)# show sticky 
 
  Virtual Machine(s)                 Sticky  
  192.168.1.5:80:0:tcp               10 cookie-insert LocalDirector-Insert-Cookie
  
localdirector(config)#

Note: For cookie-insert mode, a cookie name is not required. If no name is supplied, LocalDirector defaults to LocalDirector-Insert-Cookie. If you require a specific cookie name, then supply one in the sticky command.

localdirector(config)# sticky 192.168.1.5:80 10 cookie-insert cisco-cookie  
localdirector(config)# show sticky  

  Virtual Machine(s)                 Sticky 
  192.168.1.5:80:0:tcp               10 cookie-insert  cisco-cookie 
 
localdirector(config)#

Command Summary

The following commands are used to configure cookie sticky on LocalDirector 430.

bind

To associate a virtual server with one or more real servers, use the bind command. Use the no bind command to release an association between a real server and virtual server.

Bind virtual_id real_id [real_id...]  
no bind virtual_id real_id [real_id...]

localdirector(config)# bind 192.168.1.100:80 192.168.1.1:8001  
localdirector(config)# bind 192.168.1.100:80 192.168.1.2:8001 
localdirector(config)# bind 192.168.1.100:80 192.168.1.3:8001 
localdirector(config)# bind 192.168.1.101:80 192.168.1.1:8002 
localdirector(config)# bind 192.168.1.101:80 192.168.1.2:8002  
localdirector(config)# bind 192.168.1.101:80 192.168.1.3:8002  
localdirector(config)# show bind
 
   Virtual Machine(s)             Real Machines 
   192.168.1.101:80:0:tcp(IS)  
                                  192.168.1.3:8002:0:tcp(IS)  
                                  192.168.1.2:8002:0:tcp(IS)  
                                  192.168.1.1:8002:0:tcp(IS)  
   192.168.1.100:80:0:tcp(IS)  
                                                      192.168.1.3:8001:0:tcp(IS)  
                                  192.168.1.2:8001:0:tcp(IS)  
                                  192.168.1.1:8001:0:tcp(IS) 
localdirector(config)#

clock set

Use the clock set command to set the date and time for LocalDirector. You must enter the Coordinated Universal Time (UTC), which is the international time standard used by LocalDirector. You cannot disable the clock. Command syntax and an example of the command is shown below.

clock set hh:mm:ss month day year

localdirector(config)# clock set 17:00:00 march 21 2000  
localdirector(config)# show clock set 
 
   Tues 17:00:04 Mar 21 2000 UTC

ip address

To assign the system IP address for LocalDirector, use the ip address command.

ip address ip [subnet_mask]

localdirector(config)# ip address 192.168.1.3 255.255.255.0  
localdirector(config)# show ip address  

   System IP 192.168.1.3, system subnet 255.255.255.0 
   Current IP 192.168.1.3 
 
localdirector(config)#

real

To define a real server, use the real command. Use the no real command to remove a real server from LocalDirector.

real real_ip | real_name[:[port]:[bind-id]:[protocol]] [service-state]    
no real real_ip | real_name[:[port]:[bind-id]:[protocol]] [service-state]

localdirector(config)#  real 192.168.1.1:443 is  
localdirector(config)#  real 192.168.1.1:80:tcp is  
localdirector(config)#  real 192.168.1.1:23 
localdirector(config)#  show real  

   Real Machines:  
   
                                                 No Answer  TCP Reset   DataIn 
 
   Machine               Connect  State Thresh   Reassigns  Reassigns   Conns  
   192.168.1.1:23:0:tcp    0       OOS     8         0         0           0 
   192.168.1.1:80:0:tcp    0       IS      8         0         0           0 
   192.168.1.1:443:0:tcp   0       IS      8         0         0           0

route

To add a static route to the IP routing table, use the route command. Use the no route command to clear the route.

route dest_net net_mask gateway [metric]  
no route dest_net net_mask gateway [metric]

localdirector(config)# route 0.0.0.0 0.0.0.0 192.168.1.1

sticky

To set the number of inactivity minutes between connections before the client is sent to another server, use the sticky command. To disable the sticky feature, use the no sticky command.

sticky virtual_id minutes [generic | ssl | cookie-insert [name][domain] | cookie-passive name] 
no sticky virtual_id minutes [generic | ssl | cookie-insert [name] [domain] | cookie-passive name]

localdirector(config)# virtual 192.168.1.1:80:0:tcp is
localdirector(config)# sticky 192.168.1.1:80:0:tcp 10 cookie-insert cisco-cookie
localdirector(config)# show sticky 

   Virtual Machine(s)         Sticky
   192.168.1.1:80:0:tcp       10 cookie-insert cisco-cookie

localdirector(config)#

virtual

To create a virtual server to accept a connection from the network, use the virtual command. Use the no virtual command to remove the virtual server from LocalDirector.

virtual virtual_name | virtual_ip[:[virtual_port]:[bind-id]:[protocol]] [service-state] 
no virtual virtual_name | virtual_ip[:[virtual_port]:[bind-id]:[protocol]] [service-state]

localdirector(config)# virtual 10.10.10.1:80:tcp is  
localdirector(config)# virtual 10.10.10.1:443:1:tcp is 
localdirector(config)# virtual 10.10.10.1  
localdirector(config)# show virtual

    Machines: 
       Machine              Mode           State     Connect   Sticky     Predictor      Slowstart 
    10.10.10.1:80:0:tcp  directed local      IS          0        0       leastconns     roundrobin* 
    10.10.10.1:443:1:tcp directed local      IS          0        0       leastconns     roundrobin* 
    10.10.10.1:0:0:tcp   directed local     OOS          0        0       leastconns     roundrobin*

Verify

There is currently no verification procedure available for this configuration.

Troubleshoot

There is currently no specific troubleshooting information available for this configuration.

Related Information

Updated: Jan 31, 2006
Document ID: 15063