Cisco IOS IP Command Reference, Volume 1 of 3: Addressing and Services, Release 12.2
Server Load Balancing Commands
Downloads: This chapterpdf (PDF - 411.0KB) The complete bookPDF (PDF - 3.64MB) | Feedback

Server Load Balancing Commands

Table Of Contents

Server Load Balancing Commands

advertise

agent

bindid

clear ip slb

client

delay (virtual server)

faildetect

idle

inservice (real server)

inservice (virtual server)

ip slb dfp

ip slb serverfarm

ip slb vserver

maxconns (server farm)

nat

predictor

real

reassign

retry (real server)

serverfarm

show ip slb conns

show ip slb dfp

show ip slb reals

show ip slb serverfarms

show ip slb stats

show ip slb sticky

show ip slb vservers

sticky

synguard

virtual

weight


Server Load Balancing Commands


Use the commands in this chapter to configure the IOS Server Load Balancing (SLB) feature. For configuration information and examples, refer to the "Configuring Server Load Balancing" chapter of the Cisco IOS IP Configuration Guide.

advertise

To control the installation of a static route to the Null0 interface for a virtual server address, use the advertise SLB virtual server configuration command. To prevent the installation of a static route for the virtual server IP address, use the no form of this command.

advertise

no advertise

Syntax Description

This command has no arguments or keywords.

Defaults

The SLB virtual server IP address is added to the routing table.

Command Modes

SLB virtual server configuration

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Usage Guidelines

By default, virtual server addresses are advertised. That is, static routes to the Null0 interface are installed for the virtual server addresses.

Advertisement of this static route using the routing protocol requires that you configure redistribution of static routes for the routing protocol.

Examples

The following example prevents advertisement of the IP address of the virtual server in routing protocol updates:

ip slb vserver PUBLIC_HTTP
no advertise

Related Commands

Command
Description

show ip slb vservers

Displays information about the virtual servers.


agent

To configure a Dynamic Feedback Protocol (DFP) agent, use the agent SLB DFP configuration command. To remove an agent definition from the DFP configuration, use the no form of this command.

agent ip-address port [timeout [retry-count [retry-interval]]]

no agent ip-address port

Syntax Description

ip-address

Agent IP address.

port

Agent port number.

timeout

(Optional) Time period (in seconds) during which the DFP manager must receive an update from the DFP agent. The default is 0 seconds, which means there is no timeout.

retry-count

(Optional) Number of times the DFP manager attempts to establish the TCP connection to the DFP agent. The default is 0 retries, which means there are infinite retries.

retry-interval

(Optional) Interval (in seconds) between retries. The default is 180 seconds.


Defaults

The default timeout is 0 seconds (no timeout).

The default retry count is 0 (infinite retries).

The default retry interval is 180 seconds.

Command Modes

SLB DFP configuration

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Usage Guidelines

You can configure up to 1024 agents.

A DFP agent collects status information about the load capability of a server and reports that information to a load manager. The DFP agent may reside on the server, or it may be a separate device that collects and consolidates the information from several servers before reporting to the load manager.

Examples

The following example configures a DFP agent on the DFP manager, sets the DFP password to Cookies and the timeout to 360 seconds, changes the configuration mode to DFP configuration mode, sets the IP address of the DFP agent to 10.1.1.1, and sets the port number of the DFP agent to 2221 (FTP):

ip slb dfp password Cookies 360
agent 10.1.1.1 2221

Related Commands

Command
Description

ip slb dfp

Configures the IOS SLB DFP.



bindid

To configure a bind ID, use the bindid SLB server farm configuration command. To remove a bind ID from the server farm configuration, use the no form of this command.

bindid [bind-id]

no bindid [bind-id]

Syntax Description

bind-id

(Optional) Bind ID number. The default bind ID is 0.


Defaults

The default bind ID is 0.

Command Modes

SLB server farm configuration

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Usage Guidelines

You can configure one bind ID on each bindid command.

The bind ID allows a single physical server to be bound to multiple virtual servers and report a different weight for each one. Thus, the single real server is represented as multiple instances of itself, each having a different bind ID. DFP uses the bind ID to identify for which instance of the real server a given weight is specified.

Examples

The following example configures bind ID 309:

ip slb serverfarm PUBLIC
bindid 309

Related Commands

Command
Description

ip slb dfp

Configures the IOS SLB DFP.


clear ip slb

To clear IP IOS SLB connections or counters, use the clear ip slb privileged EXEC command.

clear ip slb {connections [serverfarm farm-name | vserver server-name] | counters}

Syntax Description

connections

Clears the IP IOS SLB connection database.

serverfarm

(Optional) Clears the connection database for the server farm named.

farm-name

(Optional) Character string used to identify the server farm.

vserver

(Optional) Clears the connection database for the virtual server named.

server-name

(Optional) Character string used to identify the virtual server.

counters

Clears the IP IOS SLB counters.


Defaults

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(1)E

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Examples

The following example clears the connection database of the server farm named FARM1:

Router# clear ip slb connections serverfarm FARM1

The following example clears the connection database of the virtual server named VSERVER1:

Router# clear ip slb connections vserver VSERVER1

The following example clears the IOS SLB counters:

Router# clear ip slb counters

Related Commands

Command
Description

show ip slb conns

Displays information about the IOS SLB connections.

show ip slb serverfarms

Displays information about the IOS SLB server farms.

show ip slb vservers

Displays information about the IOS SLB virtual servers.


client

To define which clients are allowed to use the virtual server, use the client SLB virtual server configuration command. You can use more than one client command to define more than one client. To remove a client definition from the IOS SLB configuration, use the no form of this command.

client ip-address network-mask

no client ip-address network-mask

Syntax Description

ip-address

Client IP address. The default is 0.0.0.0 (all clients).

network-mask

Client IP network mask. The default is 0.0.0.0 (all subnetworks).


Defaults

The default IP address is 0.0.0.0 (all clients).

The default network mask is 0.0.0.0 (all subnetworks).

Taken together, the default is client 0.0.0.0 0.0.0.0 (allows all clients on all subnetworks to use the virtual server).

Command Modes

SLB virtual server configuration

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Usage Guidelines

The network-mask value is applied to the source IP address of incoming connections. The result must match the ip-address value for the client to be allowed to use the virtual server.

Examples

The following example allows only clients from 10.4.4.x access to the virtual server:

ip slb vserver PUBLIC_HTTP
 client 10.4.4.0 255.255.255.0	

Related Commands

Command
Description

show ip slb vservers

Displays information about the virtual servers.

virtual

Configures the virtual server attributes.


delay (virtual server)

To change the amount of time the IOS SLB feature maintains TCP connection context after a connection has terminated, use the delay SLB virtual server configuration command. To restore the default delay timer, use the no form of this command.

delay duration

no delay

Syntax Description

duration

Delay timer duration in seconds. The valid range is from 1 to 600 seconds. The default value is 10 seconds.


Defaults

The default duration is 10 seconds.

Command Modes

SLB virtual server configuration

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Usage Guidelines

The delay timer allows out-of-sequence packets and final acknowledgments (ACKs) to be delivered after a TCP connection ends.

Do not set this value to zero (0).

If you are configuring a delay timer for HTTP flows, choose a low number such as 5 seconds as a starting point.

Examples

The following example specifies that the IOS SLB feature maintains TCP connection context for 30 seconds after a connection has terminated:

ip slb vserver PUBLIC_HTTP
 delay 30

Related Commands

Command
Description

show ip slb vservers

Displays information about the virtual servers.

virtual

Configures the virtual server attributes.


faildetect

To specify the conditions that indicate a server failure, use the faildetect SLB real server configuration command. To restore the default values that indicate a server failure, use the no form of this command.

faildetect numconns number-conns [numclients number-clients]

no faildetect

Syntax Description

numconns

Number of consecutive TCP connection reassignments allowed before a real server is considered to have failed.

number-conns

Connection reassignment threshold value in the range from 1 to 255. The default is 8 connection failures.

numclients

(Optional) Number of unique client connection failures allowed before a real server is considered to have failed.

number-clients

(Optional) Client connection reassignment threshold value in the range from 1 to 8. The default is 2 client connection failures.


Defaults

If you do not specify the faildetect command, the default value of the connection reassignment threshold is 8.

If you do not specify the numclients keyword, the default value of the unique client failure threshold is 2.

Command Modes

SLB real server configuration

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Examples

In the following example the connection reassignment threshold is set to 16 and, because the numclients keyword is not configured, the threshold for unique client connection failure is set to the default value 8. The real server is considered to have failed when 8 unique clients have had connection failures and there have been 16 connection reassignments.

ip slb serverfarm PUBLIC
 real 10.10.1.1
 faildetect numconns 16

Related Commands

Command
Description

real

Identifies a real server.

show ip slb reals

Displays information about the real servers.

show ip slb serverfarms

Displays information about the server farm configuration.


idle

To specify the minimum amount of time for which IOS SLB maintains connection information in the absence of packet activity, use the idle virtual server configuration command. To restore the default idle duration value, use the no form of this command.

idle duration

no idle

Syntax Description

duration

Idle connection timer duration (in seconds). Valid values range from 10 to 65535. The default is 3600 seconds (1 hour).


Defaults

The default duration is 3600 seconds.

Command Modes

SLB virtual server configuration

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Usage Guidelines

TCP connections that do not send flows or keepalives before the idle timer expires are assumed to be inactive and are reset (RST).

If you are configuring an idle timer for HTTP flows, choose a low number such as 120 seconds as a starting point. A low number ensures that the IOS SLB connection database maintains a manageable size if problems at the server, client, or network result in a large number of connections. However, do not choose a value under 60 seconds; such a low value can reduce the efficiency of the IOS SLB feature.

Examples

The following example instructs the IOS SLB feature to maintain connection information for an idle connection for 120 seconds:

ip slb vserver PUBLIC_HTTP
 idle 120

Related Commands

Command
Description

show ip slb vservers

Displays information about the virtual servers.

virtual

Configures the virtual server attributes.


inservice (real server)

To enable the real server for use by the IOS SLB feature, use the inservice SLB real server configuration command. To remove the real server from service, use the no form of this command.

inservice

no inservice

Syntax Description

This command has no arguments or keywords.

Defaults

If you do not specify the inservice command, the real server is defined to IOS SLB but is not used.

Command Modes

SLB real server configuration

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Examples

The following example enables the real server for use by the IOS SLB feature:

ip slb serverfarm PUBLIC
 real 10.10.1.1
 inservice

Related Commands

Command
Description

real

Identifies a real server.

show ip slb reals

Displays information about the real servers.

show ip slb serverfarms

Displays information about the server farm configuration.


inservice (virtual server)

To enable the virtual server for use by the IOS SLB feature, use the inservice SLB virtual server configuration command. To remove the virtual server from service, use the no form of this command.

inservice [standby group-name]

no inservice [standby group-name]

Syntax Description

standby

(Optional) Configures the Hot Standby Router Protocol (HSRP) standby virtual server.

group-name

(Optional) Specifies the HSRP group name with which the IOS SLB virtual server is associated.


Defaults

If you do not specify the inservice command, the virtual server is defined to IOS SLB but is not used.

Command Modes

SLB virtual server configuration

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(1)E

The standby keyword and group-name argument were added.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Examples

The following example enables the real server for use by the IOS SLB feature:

ip slb vserver PUBLIC_HTTP
 inservice

Related Commands

Command
Description

show ip slb vservers

Displays information about the virtual servers.

virtual

Configures the virtual server attributes.


ip slb dfp

To configure the Dynamic Feedback Protocol (DFP) and supply an optional password, use the ip slb dfp global configuration command. To remove the DFP configuration, use the no form of this command.

ip slb dfp [password password [timeout]]

no ip slb dfp

Syntax Description

password

(Optional) Specifies a password for MD5 authentication.

password

(Optional) Password value for MD5 authentication. This password must match the password configured on the host agent.

timeout

(Optional) Delay period (in seconds) during which both the old password and the new password are accepted. The default value is 180 seconds.


Defaults

The password timeout default is 180 seconds.

Command Modes

Global configuration

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Usage Guidelines

The optional password, if configured, must match the password configured on the host agent.

The timeout option allows you to change the password without stopping messages between the DFP agent and its manager. The default value is 180 seconds.

During the timeout, the agent sends packets with the old password (or null, if there is no old password), and receives packets with either the old or new password. After the timeout expires, the agent sends and receives packets only with the new password; received packets that use the old password are discarded.

If you are changing the password for an entire load-balanced environment, set a longer timeout. This setting allows enough time for you to update the password on all agents and servers before the timeout expires. It also prevents mismatches between agents and servers that have begun running the new password and agents, and servers on which you have not yet changed the old password.

Examples

The following example configures DFP, sets the password to flounder, configures a timeout period of 60 seconds, and changes to DFP configuration mode:

ip slb dfp flounder 60

Related Commands

Command
Description

agent

Configures a DFP agent.


ip slb serverfarm

To identify a server farm and enter SLB server farm configuration mode, use the ip slb serverfarm global configuration command. To remove the server farm from the IOS SLB configuration, use the no form of this command.

ip slb serverfarm serverfarm-name

no ip slb serverfarm serverfarm-name

Syntax Description

serverfarm-name

Character string used to identify the server farm. The character string is limited to 15 characters.


Defaults

No default behavior or values.

Command Modes

Global configuration

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Examples

The following example identifies a server farm named PUBLIC:

ip slb serverfarm PUBLIC

Related Commands

Command
Description

real

Identifies a real server.


ip slb vserver

To identify a virtual server and enter SLB virtual server configuration mode, use the ip slb vserver global configuration command. To remove a virtual server from the IOS SLB configuration, use the no form of this command.

ip slb vserver virtserver-name

no ip slb vserver virtserver-name

Syntax Description

virtserver-name

Character string used to identify the virtual server. The character string is limited to 15 characters.


Defaults

No default behavior or values.

Command Modes

Global configuration

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Examples

The following example identifies a virtual server named PUBLIC_HTTP:

ip slb vserver PUBLIC_HTTP

Related Commands

Command
Description

serverfarm

Associates a real server farm with a virtual server.

show ip slb vservers

Displays information about the virtual servers.


maxconns (server farm)

To limit the number of active connections to the real server, use the maxconns command in SLB server farm configuration mode. To restore the default of 4294967295, use the no form of this command.

maxconns maximum-number [sticky-override]

no maxconns

Syntax Description

maximum-number

Maximum number of simultaneous active connections on the real server. Valid values range from 1 to 4294967295. The default is 4294967295.

sticky-override

(Optional) Allow sticky load balancing to exceed maximum-number for this real server.


Defaults

The default maximum number of simultaneous active connections on the real server is 4294967295.

Command Modes

SLB server farm configuration

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.

12.2

This command was integrated into Cisco IOS Release 12.2.

12.2(14)S

This command was integrated into Cisco IOS Release 12.2(14)S.

12.1(18)E

The sticky-override keyword was added.

12.2(18)SXE

This command was integrated into Cisco IOS Release 12.2(18)SXE.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.


Examples

The following example limits the real server to a maximum of 1000 simultaneous active connections:

Router(config)# ip slb serverfarm PUBLIC
Router(config-slb-sfarm)# real 10.10.1.1
Router(config-slb-real)# maxconns 1000

Related Commands

Command
Description

real (server farm)

Identifies a real server by IP address and optional port number as a member of a server farm and enters real server configuration mode.

show ip slb reals

Displays information about the real servers.

show ip slb severfarms

Displays information about the server farm configuration.


nat

To configure IOS SLB Network Address Translation (NAT) and specify a NAT mode, use the nat SLB server farm configuration command. To remove a NAT configuration, use the no form of this command.

nat server

no nat server

Syntax Description

server

Specifies that the destination address in load-balanced packets sent to the real server is the address of the real server chosen by the server farm load-balancing algorithm.


Defaults

No IOS SLB NAT is configured.

Command Modes

SLB server farm configuration

Command History

Release
Modification

12.1(1)E

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Usage Guidelines

The no nat command is allowed only if the virtual server was removed from service with the no inservice command.

Examples

The following example changes to IOS SLB server farm configuration mode and configures NAT mode as server address translation on the server farm named FARM2:

ip slb serverfarm FARM2
 nat server

Related Commands

Command
Description

ip slb serverfarm

Associates a real server farm with a virtual server.

real

Identifies a real server as a member of a server farm.

show ip slb serverfarms

Displays information about the server farm configuration.


predictor

To specify the load-balancing algorithm for selecting a real server in the server farm, use the predictor SLB server farm configuration command. To restore the default load-balancing algorithm of weighted round robin, use the no form of this command.

predictor [roundrobin | leastconns]

no predictor

Syntax Description

roundrobin

(Optional) Use the weighted round robin algorithm for selecting the real server to handle the next new connection for the server farm.

leastconns

(Optional) Use the weighted least connections algorithm for selecting the real server to handle the next new connection for this server farm.


Defaults

The default predictor is weighted round robin.

Command Modes

SLB server farm configuration

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Examples

The following example specifies the weighted least connections algorithm:

ip slb serverfarm PUBLIC
 predictor leastconns

Related Commands

Command
Description

show ip slb serverfarms

Displays information about the server farm configuration.

weight

Specifies the capacity of the real server, relative to other real servers in the server farm.


real

To identify a real server as a member of a server farm, use the real SLB server farm configuration command. To remove the real server from the IOS SLB configuration, use the no form of this command.

real ip-address

no real ip-address

Syntax Description

ip-address

Real server IP address.


Defaults

No default behavior or values.

Command Modes

SLB server farm configuration

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Examples

The following example identifies a real server as a member of the server farm:

ip slb serverfarm PUBLIC
 real 10.1.1.1

Related Commands

Command
Description

inservice (real server)

Enables the real server for use by IOS SLB.

show ip slb serverfarms

Displays information about the server farm configuration.

show ip slb reals

Displays information about the real servers.


reassign

To specify the threshold of consecutive unanswered synchronizations that, if exceeded, results in an attempted connection to a different real server, use the reassign SLB real server configuration command. To restore the default reassignment threshold, use the no form of this command.

reassign threshold

no reassign

Syntax Description

threshold

Number of unanswered TCP SYNs that are directed to a real server before the connection is reassigned to a different real server. An unanswered SYN is one for which no SYN or ACK is detected before the next SYN arrives from the client. IOS SLB allows 30 seconds for the connection to be established or for a new SYN to be received. If neither of these events occurs within that time, the connection is removed from the IOS SLB database.

The 30-second timer is restarted for each SYN as long as the number of connection reassignments specified on the faildetect command's numconns keyword is not exceeded. See the faildetect command for more information.

Valid threshold values range from 1 to 4 SYNs. The default value is 3.


Defaults

The default threshold is three SYNs.

Command Modes

SLB real server configuration

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Examples

The following example sets the threshold of unanswered SYNs to 2:

ip slb serverfarm PUBLIC
 real 10.10.1.1
 reassign 2

Related Commands

Command
Description

real

Identifies a real server.

show ip slb reals

Displays information about the real servers.

show ip slb serverfarms

Displays information about the server farm configuration.


retry (real server)

To specify how long to wait before a new connection is attempted to a failed server, use the retry SLB real server configuration command. To restore the default retry value, use the no form of this command.

retry retry-value

no retry

Syntax Description

retry-value

Time, in seconds, to wait after the detection of a server failure before a new connection to the server is attempted.

If the new connection attempt succeeds, the real server is placed in OPERATIONAL state. If the connection attempt fails, the timer is reset, the connection is reassigned, and the process repeats until it is successful or until the server is placed OUTOFSERVICE by the network administrator.

Valid values range from 1 to 3600. The default value is 60 seconds.

A value of 0 means do not attempt a new connection to the server when it fails.


Defaults

The retry-value default is 60 seconds.

Command Modes

SLB real server configuration

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Examples

The following example specifies that 120 seconds must elapse after the detection of a server failure before a new connection is attempted:

ip slb serverfarm PUBLIC
 real 10.10.1.1
 retry 120

Related Commands

Command
Description

real

Identifies a real server.

show ip slb reals

Displays information about the real servers.

show ip slb serverfarms

Displays information about the server farm configuration.


serverfarm

To associate a real server farm with a virtual server, use the serverfarm SLB virtual server configuration command. To remove the server farm association from the virtual server configuration, use the no form of this command.

serverfarm serverfarm-name

no serverfarm

Syntax Description

serverfarm-name

Name of a server farm that has already been defined using the ip slb serverfarm command.


Defaults

No default behavior or values.

Command Modes

SLB virtual server configuration

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Examples

The following example shows how the ip slb vserver, virtual, and serverfarm commands are used to associate the real server farm named PUBLIC with the virtual server named PUBLIC_HTTP:

ip slb vserver PUBLIC_HTTP
 virtual 10.0.0.1 tcp www
 serverfarm PUBLIC

Related Commands

Command
Description

show ip slb vservers

Displays information about the virtual servers.

virtual

Configures the virtual server attributes.


show ip slb conns

To display the active IOS SLB connections, use the show ip slb conns privileged EXEC command.

show ip slb conns [vserver virtserver-name] [client ip-address] [detail]

Syntax Description

vserver

(Optional) Displays only those connections associated with a particular virtual server.

virtserver-name

(Optional) Name of the virtual server to be monitored.

client

(Optional) Displays only those connections associated with a particular client IP address.

ip-address

(Optional) IP address of the client to be monitored.

detail

(Optional) Displays detailed connection information.


Defaults

If no options are specified, the command displays output for all active IOS SLB connections.

Command Modes

Privileged EXEC

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Examples

The following example shows IOS SLB active connection data:

router# show ip slb conns

vserver          prot   client                real                  state
----------------------------------------------------------------------------
TEST             TCP    7.150.72.183:328      80.80.90.25:80        CLOSING 
TEST             TCP    7.250.167.226:423     80.80.90.26:80        CLOSING 
TEST             TCP    7.234.60.239:317      80.80.90.26:80        CLOSING 
TEST             TCP    7.110.233.96:747      80.80.90.26:80        CLOSING 
TEST             TCP    7.162.0.201:770       80.80.90.30:80        CLOSING 
TEST             TCP    7.22.225.219:995      80.80.90.26:80        CLOSING 
TEST             TCP    7.2.170.148:169       80.80.90.30:80        CLOSING 

Table 31 describes the significant fields shown in the display.

Table 31 show ip slb conns Field Descriptions

Field
Description

vserver

Name of the virtual server whose connections are being monitored and displayed. Information about each connection is displayed on a separate line.

prot

Protocol being used by the connection.

client

Client IP address being used by the connection.

real

Real IP address of the connection.

state

Current state of the connection:

CLOSING—IOS SLB TCP connection deactivated (awaiting a delay timeout before cleaning up the connection).

ESTAB—IOS SLB TCP connection processed a SYN-SYN/ACK exchange between the client and server.

FINCLIENT—IOS SLB TCP connection processed a FIN from the client.

FINSERVER—IOS SLB TCP connection processed a FIN from the server.

INIT—Initial state of the IOS SLB TCP connection.

SYNBOTH—IOS SLB TCP connection processed one or more TCP SYNs from both the client and the server.

SYNCLIENT—IOS SLB TCP connection processed one or more client TCP SYNs.

SYNSERVER—IOS SLB TCP connection processed one or more server 1 TCP SYNs.

ZOMBIE—Destruction of the IOS SLB TCP connection failed, possibly because of bound flows. Destruction will proceed when the flows are unbound.


show ip slb dfp

To display DFP manager and agent information such as passwords, timeouts, retry counts, and weights, use the show ip slb dfp privileged EXEC command.

show ip slb dfp [agent ip-address port-number | detail | weights]

Syntax Description

agent

(Optional) Displays information about an agent.

ip-address

(Optional) Agent IP address.

port-number

(Optional) Agent port number.

detail

(Optional) Displays all data available.

weights

(Optional) Displays information about weights assigned to real servers for load balancing.


Defaults

If no options are specified, the command displays summary information.

Command Modes

Privileged EXEC

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Examples

The following example shows IOS SLB DFP data:

router# show ip slb dfp detail

DFP Manager:
      Current passwd:NONE Pending passwd:NONE
      Passwd timeout:0 sec 
      Uned errors:0
DFP Agent 161.44.2.34:61936 Connection state:Connected
   Timeout = 0      Retry Count = 0      Interval = 180   (Default)
   Security errors = 0
   Last message received:10:20:26 UTC 11/02/99
   Last reported Real weights for Protocol TCP, Port www
      Host 17.17.17.17 1      Weight 1
      Host 68.68.68.68   Bind ID 4      Weight 4
      Host 85.85.85.85   Bind ID 5      Weight 5
   Last reported Real weights for Protocol TCP, Port 22
      Host 17.17.17.17   Bind ID 111    Weight 111
router# show ip slb dfp weights

Real IP Address 17.17.17.17 Protocol TCP Port 22 Bind_ID 111 Weight 111
      Set by Agent 161.44.2.3458490 at 132241 UTC 12/03/99
Real IP Address 17.17.17.17 Protocol TCP Port www Bind_ID 1 Weight 1
      Set by Agent 161.44.2.3458490 at 132241 UTC 12/03/99
Real IP Address 68.68.68.68 Protocol TCP Port www Bind_ID 4 Weight 4
      Set by Agent 161.44.2.3458490 at 132241 UTC 12/03/99
Real IP Address 85.85.85.85 Protocol TCP Port www Bind_ID 5 Weight 5
      Set by Agent 161.44.2.3458490 at 132241 UTC 12/03/99
router# show ip slb dfp

DFP Manager:
      Current passwd:NONE Pending passwd:NONE
      Passwd timeout:0 sec 

Agent IP          Port    Timeout   Retry Count   Interval
---------------------------------------------------------------
161.44.2.34       61936   0         0             180 (Default)

Table 32 describes the significant fields shown in the display.

Table 32 show ip slb dfp Field Descriptions

Field
Description

Agent IP

IP address of the agent about which information is being displayed.

Port

Port number of the agent.

Timeout

Time period (in seconds) during which the DFP manager must receive an update from the DFP agent. A value of 0 means there is no timeout.

Retry Count

Number of times the DFP manager attempts to establish the TCP connection to the DFP agent. A value of 0 means there are infinite retries.

Interval

Interval (in seconds) between retries.


show ip slb reals

To display information about the real servers, use the show ip slb reals privileged EXEC command.

show ip slb reals [vserver virtserver-name] [detail]

Syntax Description

vserver

(Optional) Displays information about only those real servers associated with a particular virtual server.

virtserver-name

(Optional) Name of the virtual server.

detail

(Optional) Displays detailed information.


Defaults

If no options are specified, the command displays information about all real servers.

Command Modes

Privileged EXEC

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Examples

The following example shows IOS SLB real server data:

router# show ip slb reals

real             server farm      weight   state           conns
--------------------------------------------------------------------
80.80.2.112      FRAG             8        OUTOFSERVICE    0        
80.80.5.232      FRAG             8        OPERATIONAL     0        
80.80.15.124     FRAG             8        OUTOFSERVICE    0        
80.254.2.2       FRAG             8        OUTOFSERVICE    0        
80.80.15.124     LINUX            8        OPERATIONAL     0        
80.80.15.125     LINUX            8        OPERATIONAL     0        
80.80.15.126     LINUX            8        OPERATIONAL     0        
80.80.90.25      SRE              8        OPERATIONAL     220      
80.80.90.26      SRE              8        OPERATIONAL     216      
80.80.90.27      SRE              8        OPERATIONAL     216      
80.80.90.28      SRE              8        TESTING         1        
80.80.90.29      SRE              8        OPERATIONAL     221      
80.80.90.30      SRE              8        OPERATIONAL     224      
80.80.30.3       TEST             100      READY_TO_TEST   0        
80.80.30.4       TEST             100      READY_TO_TEST   0        
80.80.30.5       TEST             100      READY_TO_TEST   0        
80.80.30.6       TEST             100      READY_TO_TEST   0        

Table 33 describes significant fields shown in the display.

Table 33 show ip slb reals Field Descriptions

Field
Description

real

IP address of the real server about which information is being displayed. Used to identify each real server. Information about each real server is displayed on a separate line.

server farm

Name of the server farm to which the real server is associated.

weight

Weight assigned to the real server. The weight identifies the capacity of the real server, relative to other real servers in the server farm.

state

Current state of the real server:

DFP_THROTTLED—DFP agent sent a weight of 0 for this real server (send no further connections to this real server).

FAILED—Removed from use by the predictor algorithms; retry timer started.

MAXCONNS—Maximum number of simultaneous active connections reached.

OPERATIONAL—Functioning properly.

OUTOFSERVICE—Removed from the load-balancing predictor lists.

READY_TO_TEST—Queued for testing.

TESTING—Queued for assignment.


show ip slb serverfarms

To display information about the server farms, use the show ip slb serverfarms privileged EXEC command.

show ip slb serverfarms [name serverfarm-name] [detail]

Syntax Description

name

(Optional) Displays information about only a particular server farm.

serverfarm-name

(Optional) Name of the server farm.

detail

(Optional) Displays detailed server farm information.


Defaults

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Examples

The following example shows IOS SLB server farm data:


router# show ip slb serverfarms

server farm      predictor     reals   bind id
-------------------------------------------------
FRAG             ROUNDROBIN    4       0       
LINUX            ROUNDROBIN    3       0       
SRE              ROUNDROBIN    6       0       
TEST             ROUNDROBIN    4       0       

Table 34 describes the significant fields shown in the display.

Table 34 show ip slb serverfarms Field Descriptions

Field
Description

server farm

Name of the server farm about which information is being displayed. Information about each server farm is displayed on a separate line.

predictor

Type of load-balancing algorithm (ROUNDROBIN or LEASTCONNS) used by the server farm.

reals

Number of real servers configured in the server farm.

bind id

Bind ID configured on the server farm.


show ip slb stats

To display IOS SLB statistics, use the show ip slb stats privileged EXEC command.

show ip slb stats

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Examples

The following example shows IOS SLB statistics:

router# show ip slb stats

Pkts via normal switching: 530616
Pkts via special switching:1812710
Connections Created:       783774
Connections Established:   633418
Connections Destroyed:     782752
Connections Reassigned:    0
Zombie Count:              0

Table 35 describes the significant fields shown in the display.

Table 35 show ip slb stats Field Descriptions 

Field
Description

Pkts via normal switching

Number of packets handled by the IOS SLB feature via normal switching since the last time counters were cleared.

Pkts via special switching

Number of packets handled by the IOS SLB feature via special switching since the last time counters were cleared.

Connections Created

Number of connections created since the last time counters were cleared.

Connections Established

Number of connections created that have become established since the last time counters were cleared.

Connections Destroyed

Number of connections destroyed since the last time counters were cleared.

Connections Reassigned

Number of connections reassigned to a different real server since the last time counters were cleared.

Zombie Count

Number of connections currently pending destruction, awaiting a timeout or some other condition to be met.


show ip slb sticky

To display the entries in the IOS SLB sticky database, use the show ip slb sticky privileged EXEC command.

show ip slb sticky [client ip-address]

Syntax Description

client

(Optional) Displays only those sticky database entries associated with a particular client IP address.

ip-address

(Optional) IP address of the client.


Defaults

If no options are specified, the command displays information about all virtual servers.

Command Modes

Privileged EXEC

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Examples

The following example shows the entries in the IOS SLB sticky database:

router# show ip slb sticky

client            group   real              conns     ftp-cntrl
--------------------------------------------------------------
10.10.2.12        4097      10.10.3.2         1         0 

Table 36 describes the significant fields shown in the display.

Table 36 show ip slb sticky Field Descriptions

Field
Description

client

Client IP address that is bound to this sticky assignment.

group

Group ID for this sticky assignment.

real

Real server used by all clients connecting with the client IP address detailed on this line.

conns

Number of connections currently sharing this sticky assignment.

ftp-cntrl

Number of FTP control connections currently using this sticky assignment.


show ip slb vservers

To display information about the virtual servers, use the show ip slb vservers privileged EXEC command.

show ip slb vservers [name virtserver-name] [detail]

Syntax Description

name

(Optional) Displays information about only this virtual server.

virtserver-name

(Optional) Name of the virtual server.

detail

(Optional) Displays detailed virtual server information.


Defaults

If no options are specified, the command displays information about all virtual servers.

Command Modes

Privileged EXEC

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Examples

The following example shows virtual server data:

router# show ip slb vservers

slb vserver      prot   virtual               state          conns   
---------------------------------------------------------------------
TEST             TCP    80.80.254.3:80        OPERATIONAL    1013    
TEST21           TCP    80.80.254.3:21        OUTOFSERVICE   0       
TEST23           TCP    80.80.254.3:23        OUTOFSERVICE   0       

Table 37 describes the significant fields shown in the display.

Table 37 show ip slb vservers Field Descriptions

Field
Description

slb vserver

Name of the virtual server about which information is being displayed. Information about each virtual server is displayed on a separate line.

prot

Protocol being used by the virtual server detailed on a given line.

virtual

Virtual IP address of the virtual server detailed on a given line.

state

Current state of the virtual server detailed on a given line.

conns

Number of connections associated with the virtual server detailed on a given line.


sticky

To assign all connections from a client to the same real server, use the sticky virtual server configuration command. To remove the client/server coupling, use the no form of this command.

sticky duration [group group-id]

no sticky

Syntax Description

duration

Sticky timer duration (in seconds). Valid values range from 0 to 65535.

group

(Optional) Places the virtual server in a sticky group, for coupling of services.

group-id

(Optional) Number identifying the sticky group to which the virtual server belongs. Valid values range from 0 to 255.


Defaults

Sticky connections are not tracked.

Virtual servers are not associated with any groups.

Command Modes

SLB virtual server configuration

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Usage Guidelines

The last real server that was used for a connection from a client is stored for the set duration seconds. If a new connection from the client to the virtual server is initiated during that time, the same real server that was used for the previous connection is chosen for the new connection. If two virtual servers are placed in the same group, coincident connection requests for those services from the same IP address are handled by the same real server.

Examples

The following example specifies that if a subsequent request from a client for a virtual server is made within 60 seconds of the previous request, then the same real server is used for the connection. This example also places the virtual server in group 10.

ip slb vserver VS1
sticky 60 group 10

Related Commands

Command
Description

show ip slb sticky

Displays information about the virtual server or firewall farm sticky configuration.

show ip slb vservers

Displays information about the virtual servers.

virtual

Configures the virtual server attributes.


synguard

To limit the rate of TCP SYNs handled by a virtual server to prevent an SYN flood Denial-of-Service attack, use the synguard virtual server configuration command. To remove the threshold, use the no form of this command.

synguard syn-count [interval]

no synguard

Syntax Description

syn-count

Number of unanswered SYNs that are allowed to be outstanding to a virtual server. Valid values range from 0 (off) to 4294967295. The default is 0.

interval

(Optional) Interval (in milliseconds) for SYN threshold monitoring. Valid values range from 50 to 5000. The default is 100 ms.


Defaults

The default SYN count is 0 (off).

The default interval is 100 ms.

Command Modes

SLB virtual server configuration

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Examples

The following example sets the threshold of unanswered SYNs to 50:

ip slb vserver PUBLIC_HTTP
synguard 50

Related Commands

Command
Description

show ip slb vservers

Displays information about the virtual servers.

virtual

Configures the virtual server attributes.


virtual

To configure virtual server attributes, use the virtual virtual server configuration command. To remove the attributes, use the no form of this command.

virtual ip-address {tcp | udp} port-number [service service-name]

no virtual

Syntax Description

ip-address

IP address for this virtual server instance, used by clients to connect to the server farm.

tcp

Performs load balancing for only TCP connections.

udp

Performs load balancing for only UDP connections.

port-number

(Optional) IOS SLB virtual port (the TCP or UDP port number or port name). If specified, only the connections for the specified port on the server are load balanced. The ports and the valid name or number for the port-number argument are as follows:

Domain Name System: dns   53

File Transfer Protocol: ftp   21

HTTP over Secure Socket Layer: https   443

Mapping of Airline Traffic over IP, Type A: matip-a   350

Network News Transport Protocol: nntp   119

Post Office Protocol v2: pop2   109

Post Office Protocol v3: pop3   110

Simple Mail Transport Protocol: smtp   25

Telnet: telnet   23

World Wide Web (HTTP): www   80

Specify a port number of 0 to configure an all-port virtual server (that is, a virtual server that accepts flows destined for all ports).

service

(Optional) Couple connections associated with a given service, such as HTTP or Telnet, so all related connections from the same client use the same real server.

service-name

(Optional) Type of connection coupling. Currently, the only choice is ftp. Couple FTP data connections with the control session that created them.


Defaults

No default behavior or values.

Command Modes

SLB virtual server configuration

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Usage Guidelines

The no virtual command is allowed only if the virtual server was removed from service by the no inservice command.

For some applications, it is not feasible to configure all the virtual server TCP or UDP port numbers for the IOS SLB feature. To support such applications, you can configure IOS SLB virtual servers to accept flows destined for all ports. To configure an all-port virtual server, specify a port number of 0.


Note In general, you should use port-bound virtual servers instead of all-port virtual servers. When you use all-port virtual servers, flows can be passed to servers for which no application port exists. When servers reject these flows, IOS SLB might fail the server and remove it from load balancing.


Examples

The following example specifies that the virtual server with the IP address 10.0.0.1 performs load balancing for TCP connections for the port named www. The virtual server processes HTTP requests.

ip slb vserver PUBLIC_HTTP
virtual 10.0.0.1 tcp www

Related Commands

Command
Description

ip slb vserver

Identifies a virtual server.

show ip slb vservers

Displays information about the virtual servers.


weight

To specify the capacity of a real server relative to other real servers in the server farm, use the weight real server configuration command. To restore the default weight value, use the no form of this command.

weight weighting-value

no weight

Syntax Description

weighting-value

Weighting value to use for real server predictor algorithm. Valid values range from 1 to 155. The default weighting value is 8.


Defaults

The default weighting value is 8.

Command Modes

SLB real server configuration

Command History

Release
Modification

12.0(7)XE

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.


Examples

The following example specifies the relative weighting values of three real servers as 16, 8 (by default), and 24, respectively:

ip slb serverfarm PUBLIC
real 10.10.1.1		First real server
weight 16		Assigned weight of 16
inservice		Enabled
exit
real 10.10.1.2		Second real server
inservice		Enabled; default weight
exit
real 10.10.1.3		Third real server
weight 24		Assigned weight of 24; 	 

Related Commands

Command
Description

real

Identifies a real server.

show ip slb reals

Displays information about the real servers.

show ip slb serverfarms

Displays information about the server farm configuration.