Guest

Cisco LocalDirector 400 Series

LocalDirector Servers are not Failed When Clients are Using Windows 2000/XP

Document ID: 15425

Updated: Jan 31, 2006

   Print

Introduction

This document describes a problem customers encounter if they use Microsoft Windows 2000 or XP.

Prerequisites

Requirements

There are no specific prerequisites for this document.

Components Used

This document is not restricted to specific software and hardware versions.

The information presented in this document was created from devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If you are working in a live network, ensure that you understand the potential impact of any command before using it.

Conventions

For more information on document conventions, see the Cisco Technical Tips Conventions.

Information

Starting with Windows 2000, Microsoft decided to decrease the number of retransmissions of TCP SYN packets from three to two. The result of this may cause the default settings on LocalDirector not to fail real servers due to No Answer as it will on other client platforms.

A TCP retransmission can happen after a designated time has elapsed with no seen TCP SYN/ACK answers to the SYN packet. This is sometimes referred to as the TCP Backoff Timer. Typically, a client's TCP stack will send a SYN packet and wait three seconds for an answer (SYN/ACK). If there is no answer from the server in that time, the client's TCP stack will transparently retransmit the TCP SYN packet and double the wait time to six seconds. If no answer is seen from the server in the following six seconds, most operating systems will attempt one more SYN retransmission and wait double the previous time (12 seconds). Windows 2000/XP is different in that it will not retransmit the SYN packet for the third time, and will terminate the attempted session after the second retransmitted TCP SYN.

The following is a trace from a Windows 2000 workstation for which the server is not answering:

Frame Status  Source Address      Dest. Address   Size Rel. Time    Summary 
     0        [144.254.105.66]    [10.10.10.1]     62 0:00:00.000   TCP: D=80 S=3539 SYN SEQ=1751139534 LEN=0 WIN=16384 
     0        [144.254.105.66]    [10.10.10.1]     62 0:00:02.968   TCP: D=80 S=3539 SYN (Retransmission of Frame 94) SEQ=1751139534 LEN=0 WIN=16384 
     0        [144.254.105.66]    [10.10.10.1]     62 0:00:08.977   TCP: D=80 S=3539 SYN (Retransmission of Frame 94) SEQ=1751139534 LEN=0 WIN=16384 

By default three unanswered SYN packets for the same connection will cause reassignment to a new server when the fourth SYN packet comes in.

This is a trace taken on the server side of the LocalDirector with a non-Windows 2000/XP client:

Frame Status  Source Address      Dest. Address        Size Rel. Time    Summary 
     0        [144.254.105.67]    [10.10.10.105]        62 0:00:00.000   TCP: D=80 S=3539 SYN 
     0        [144.254.105.67]    [10.10.10.105]        62 0:00:02.968   TCP: D=80 S=3539 SYN 
     0        [144.254.105.67]    [10.10.10.105]        62 0:00:08.977   TCP: D=80 S=3539 SYN 
     0        [144.254.105.67]    [10.10.10.106]        62 0:00:16.977   TCP: D=80 S=3539 SYN 

!--- The last packet was reassigned.

When this happens, the No Answer Reassign counter (visible in the output of the show real command) increases by one. When this value reaches the threshold limit (which is eight by default), the real server is put into failed state.

LD# show virtual 
Machines: 

                  Machine          Mode          State  Connect   Sticky  Predictor  Slowstart 
      10.10.10.1:80:0:tcp      directed local      IS        0        0   leastconns* roundrobin 

LD# show real 
Real Machines: 
                                                   No Answer  TCP Reset  DataIn 
                  Machine   Connect   State  Thresh Reassigns  Reassigns   Conns 
    10.10.10.105:80:0:tcp       0      IS       8        1         0        0 
    10.10.10.106:80:0:tcp       0      IS       8        0         0        0 

Since the number of retransmissions has been lowered to two in Windows 2000, the LocalDirector does not reassign the connections to a new server, and the No Answer Reassigns counter is not increased. This happens because these two tasks are performed only when the third retransmission is seen (the fourth SYN packet). The problem is that with Windows 2000 and XP, this third retransmission does not arrive.

The above behavior causes a failed server not to be recognized as being down by the LocalDirector due to no answers, and therefore the server is not marked as failed.

To solve this problem, issue the reassign command in config mode to force the reassign of a connection to a different server upon the second retransmission of the attempted TCP SYN.

localdirector(config)# show reassign 
          Real Machine(s)             Reassign 
         10.1.2.3:0:0:tcp                    3 
         10.1.2.5:0:0:tcp                    3 
         10.1.2.4:0:0:tcp                    3 

localdirector(config)# reassign 10.1.2.3 2
localdirector(config)# reassign 10.1.2.4 2 
localdirector(config)# reassign 10.1.2.5 2

localdirector(config)# show reassign 
          Real Machine(s)             Reassign 
         10.1.2.3:0:0:tcp                    2 
         10.1.2.5:0:0:tcp                    2 

Related Information

Updated: Jan 31, 2006
Document ID: 15425