-
User Guide for the Cisco Application Networking Manager 4.2
-
Index
-
Preface
-
Overview
-
Using Homepage
-
Using ANM Guided Setup
-
Importing and Managing Devices
-
Configuring Virtual Contexts
-
Configuring Virtual Servers
-
Configuring Real Servers and Server Farms
-
Configuring Stickiness
-
Configuring Parameter Maps
-
Configuring SSL
-
Configuring Network Access
-
Configuring High Availability
-
Configuring Traffic Policies
-
Configuring Application Acceleration and Optimization
-
Using Configuration Building Blocks
-
Monitoring Your Network
-
Administering the Cisco Application Networking Manager
-
Troubleshooting Cisco Application Networking Manager Problems
-
ANM Ports Reference
-
Using ANM With Virtual Data Centers
-
Glossary
-
Feedback
Table Of Contents
HTTP Content Sticky Group Attributes
HTTP Cookie Sticky Group Attributes
HTTP Header Sticky Group Attributes
IP Netmask Sticky Group Attributes
Layer 4 Payload Sticky Group Attributes
RADIUS Sticky Group Attributes
RTSP Header Sticky Group Attributes
Displaying All Sticky Groups by Context
Configuring Stickiness
Date: 1/26/11This chapter describes how to configure stickiness on the Cisco Application Control Engine (ACE) using Cisco Application Networking Manager (ANM).
Note
When naming ACE objects (such as a real server, virtual server, parameter map, class map, health probe, and so on), enter an alphanumeric string of 1 to 64 characters, which can include the following special characters: underscore (_), hyphen (-), dot (.), and asterisk (*). Spaces are not allowed.
If you are using ANM with an ACE module or ACE appliance and you configure a named object at the ACE CLI, keep in mind that ANM does not support all of the special characters that the ACE CLI allows you to use when configuring a named object. If you use special characters that ANM does not support, you may not be able to import or manage the ACE using ANM.This chapter includes the following sections:
Information About Stickiness
When customers visit an e-commerce site, they usually start out browsing the site. The site may require that the client become "stuck" to one server once the connection is established, or once client starts to build a shopping cart.
In either case, once the client adds items to the shopping cart, it is important that all of the client requests get directed to the same server so that all the items are contained in one shopping cart on one server. An instance of a customer's shopping cart is typically local to a particular web server and is not duplicated across multiple servers.
E-commerce applications are not the only types of applications that require stickiness. Any web application that maintains client information may require stickiness, such as banking applications or online trading. Other uses include FTP and HTTP file transfers.
Stickiness allows the same client to maintain multiple simultaneous or subsequent TCP or IP connections with the same real server for the duration of a session. A session is series of transactions between a client and a server over some finite period of time (from several minutes to several hours). This feature is particularly useful for e-commerce applications where a client needs to maintain multiple connections with the same server while shopping online, especially while building a shopping cart and during the checkout process.
Depending on the configured SLB policy, the ACE sticks a client to an appropriate server after the ACE has determined which load-balancing method to use. If the ACE determines that a client is already stuck to a particular server, then the ACE sends that client request to that server, regardless of the load-balancing criteria specified by the matched policy. If the ACE determines that the client is not stuck to a particular server, it applies the normal load-balancing rules to the content request.
For information about stickiness, see:
Related Topics
•
Sticky Types
All ACE devices support stickiness based on the following:
•
•
•
•
•
•
•
•
This section includes the following topics:
HTTP Content Stickiness
HTTP content stickiness allows you to stick a client to a server based on the content of an HTTP packet. You can specify a beginning pattern and ending pattern, the number of bytes to parse, and an offset that specifies how many bytes to ignore from the beginning of the data.
Related Topics
HTTP Cookie Stickiness
Client cookies uniquely identify clients to the ACE and the servers that provide content. A cookie is a small data structure within the HTTP header that is used by a server to deliver data to a web client and request that the client store the information. In certain applications, the client returns the information to the server to maintain the connection state or persistence between the client and the server.
When the ACE examines a request for content and determines through policy matching that the content is sticky, it examines any cookie or URL present in the content request. The ACE uses the information in the cookie or URL to direct the content request to the appropriate server.
The ACE supports the following types of cookie stickiness:
•
You can configure the ACE to look for a specific cookie name and automatically learn its value either from the client request HTTP header or from the server Set-Cookie message in the server response. Dynamic cookie learning is useful when dealing with applications that store more than just the session ID or user ID within the same cookie. Only very specific bytes of the cookie value are relevant to stickiness.
By default, the ACE learns the entire cookie value. You can optionally specify an offset and length to instruct the ACE to learn only a portion of the cookie value.
Alternatively, you can specify a secondary cookie value that appears in the URL string in the HTTP request. This option instructs the ACE to search for (and eventually learn or stick to) the cookie information as part of the URL. URL learning is useful with applications that insert cookie information as part of the HTTP URL. In some cases, you can use this feature to work around clients that reject cookies.
•
The ACE inserts the cookie on behalf of the server upon the return request, so that the ACE can perform cookie stickiness even when the servers are not configured to set cookies. The cookie contains information that the ACE uses to ensure persistence to a specific real server.
Related Topics
HTTP Header Stickiness
You can use HTTP-header information to provide stickiness. With HTTP header stickiness, you can specify a header offset to provide stickiness based on a unique portion of the HTTP header.
Related Topics
IP Netmask Stickiness
You can use the source IP address, the destination IP address, or both to uniquely identify individual clients and their requests for stickiness purposes based on their IP netmask. However, if an enterprise or a service provider uses a megaproxy to establish client connections to the Internet, the source IP address no longer is a reliable indicator of the true source of the request. In this case, you can use cookies or one of the other sticky methods to ensure session persistence.
Related Topics
Layer 4 Payload Stickiness
Layer 4 payload stickiness allows you to stick a client to a server based on the data in Layer 4 frames. You can specify a beginning pattern and ending pattern, the number of bytes to parse, and an offset that specifies how many bytes to ignore from the beginning of the data.
Related Topics
RADIUS Stickiness
RADIUS stickiness can be based on the following RADIUS attributes:
•
•
Related Topics
RTSP Header Stickiness
Real time streaming protocol (RTSP) stickiness is based on information in the RTSP session header. With RTSP header stickiness, you can specify a header offset to provide stickiness based on a unique portion of the RTSP header.
Related Topics
SIP Header Stickiness
Session initiation protocol (SIP) header stickiness is based on the SIP Call-ID header field. SIP header stickiness requires the entire SIP header, so you cannot specify an offset.
Related Topics
Sticky Groups
The ACE uses the concept of sticky groups to configure stickiness. A sticky group allows you to specify sticky attributes. After you configure a sticky group and its attributes, you associate the sticky group with a Layer 7 policy-map action in a Layer 7 server load balancing (SLB) policy map.You can create a maximum of 4096 sticky groups in each context. Each sticky group that you configure on the ACE contains a series of parameters that determine the following:
•
•
•
•
Note
Related Topics
Sticky Table
The ACE uses a sticky table to keep track of sticky connections. Table entries are as follows:
•
•
•
•
The sticky table can hold a maximum of four million entries (four million simultaneous users). When the table reaches the maximum number of entries, additional sticky connections cause the table to wrap and the first users become unstuck from their respective servers.
The ACE uses a configurable timeout mechanism to age out sticky table entries. When an entry times out, it becomes eligible for reuse. High connection rates may cause the premature aging out of sticky entries. In this case, the ACE reuses the entries that are closest to expiration first.
Sticky entries can be either dynamic (generated by the ACE on demand) or static (user-configured). When you create a static sticky entry, the ACE places the entry in the sticky table immediately. Static entries remain in the sticky database until you remove them from the configuration. You can create a maximum of 4096 static sticky entries in each context.
If the ACE takes a real server out of service for whatever reason (probe failure, no inservice command, or ARP timeout), the ACE removes from the database any sticky entries that are related to that server.
Related Topics
Configuring Sticky Groups
You can configure sticky groups. Stickiness (or session persistence) is a feature that allows the same client to maintain multiple simultaneous or subsequent TCP connections with the same real server for the duration of a session. A session is a series of transactions between a client and a server over some finite period of time (from several minutes to several hours). This feature is particularly useful for e-commerce applications where a client needs to maintain multiple TCP connections with the same server while shopping online, especially while building a shopping cart and during the checkout process.
E-commerce applications are not the only types of applications that require stickiness. Any web application that maintains client information may require stickiness, such as banking applications or online trading. Other uses include FTP and HTTP file transfers.
The ACE uses the concept of sticky groups to configure stickiness. A sticky group allows you to specify sticky attributes. After you configure a sticky group and its attributes, you associate the sticky group with a Layer 7 policy-map action in a Layer 7 SLB policy map.
Note
Assumption
(Pre ACE version A4(1.0) module or appliance only) The context in which you are configuring a sticky group is associated with a resource class that allocates resources to stickiness.
Procedure
Step 1
The Sticky Groups table appears.
Step 2
Step 3
Table 8-1 Sticky Group Attributes
Group Name
Sticky group identifier. Valid entries are unquoted text strings with no spaces and a maximum of 64 alphanumeric characters.
Type
Method to be used when establishing sticky connections and to configure any type-specific attributes. The choices are as follows:
•
•
•
•
Note
•
•
•
•
Sticky Server Farm
Server farm that you want to associate with this sticky group.
Backup Server Farm
Backup server farm that is associated with this sticky group. If the primary server farm is down, the ACE uses the backup server farm.
Aggregate State
Field that appears when a server farm and backup server farm are selected.
Check box that indicates that the state of the backup server farm is tied to the virtual server state. Uncheck this check box if the backup server farm is not tied to the virtual server state.
Sticky Enabled On Backup Server Farm
Field that appears when a server farm and backup server farm are selected.
Check box that indicates that the backup server farm is sticky. Uncheck this check box if the backup server farm is not sticky.
Replicate On HA Peer
Check box that indicates that the ACE to replicate sticky table entries on the standby ACE. If a failover occurs and this option is selected, the new active ACE can maintain the existing sticky connections.
Uncheck this check box to indicate that the ACE is not to replicate sticky table entries on the standby ACE.
Timeout (Minutes)
Number of minutes that the ACE keeps the sticky information for a client connection in the sticky table after the latest client connection terminates. Valid entries are from 1 to 65535; the default is 1440 minutes (24 hours).
Timeout Active Connections
Check box that specifies that the ACE is to time out sticky table entries even if active connections exist after the sticky timer expires.
Uncheck this check box to specify that the ACE is not to time out sticky table entries even if active connections exist after the sticky timer expires. This behavior is the default.
Step 4
•
•
•
Related Topics
•
•
•
•
Sticky Group Attribute Tables
This section describes the different sticky group type-specific attributes.
Note
This section includes the following topics:
•
•
•
•
•
•
•
HTTP Content Sticky Group Attributes
Table 8-2 describes the HTTP content sticky group attributes.
Table 8-2 HTTP Content Sticky Group Attributes
HTTP Content
Check box that instructs the ACE to use the constant portion of HTTP content to make persistent connections to a specific server. Uncheck the check box to identify specific content for stickiness in the Offset, Length, Begin Pattern, and End Pattern fields.
HTTP content may change over time with only a portion remaining constant throughout a transaction between the client and a server.
Offset
Number of bytes that the virtual server is to ignore starting with the first byte of the cookie. Valid entries are from 0 to 999. The default is 0 (zero), which indicates that the virtual server does not exclude any portion of the cookie.
Length (Bytes)
Length of the portion of the cookie (starting with the byte after the offset value) that the ACE is to use for sticking the client to the server. Valid entries are from 1 to 1000.
Begin Pattern
Beginning pattern of the HTTP content payload and the pattern string to match before hashing. If you do not specify a beginning pattern, the ACE begins parsing immediately after the offset byte. You cannot configure different beginning and ending patterns for different server farms that are part of the same traffic classification.
Valid entries are unquoted text strings with no spaces and a maximum of 255 alphanumeric characters. You can enter a text string with spaces if you enclose the entire string in quotation marks ("). The ACE supports regular expressions for matching string expressions. Table 13-34 lists the supported characters that you can use for matching string expressions.
End Pattern
Pattern that marks the end of hashing. If you do not specify an end pattern or a length, the ACE continues to parse the data until it reaches the end of the field or packet, or until it reaches the maximum body parse length. You cannot configure different beginning and ending patterns for different server farms that are part of the same traffic classification.
Valid entries are unquoted text strings with no spaces and a maximum of 255 alphanumeric characters. You can enter a text string with spaces if you enclose the entire string in quotation marks ("). The ACE supports regular expressions for matching string expressions. Table 13-34 lists the supported characters that you can use for matching string expressions.
HTTP Cookie Sticky Group Attributes
Table 8-3 describes the HTTP cookie sticky group attributes.
HTTP Header Sticky Group Attributes
Table 8-4 describes the HTTP header sticky group attributes.
IP Netmask Sticky Group Attributes
Table 8-5 describes the IP netmask sticky group attributes.
Layer 4 Payload Sticky Group Attributes
Table 8-6 describes the Layer 4 payload sticky group attributes.
Table 8-6 Layer 4 Payload Sticky Group Attributes
Offset
Number of bytes the virtual server is to ignore starting with the first byte of the cookie. Valid entries are from 0 to 999. The default is 0 (zero), which indicates that the virtual server does not exclude any portion of the cookie.
Length (Bytes)
Length of the portion of the cookie (starting with the byte after the offset value) that the ACE is to use for sticking the client to the server. Valid entries are from 1 to 1000. The default is 1000.
Begin Pattern
Beginning pattern of the Layer 4 payload and the pattern string to match before hashing. If you do not specify a beginning pattern, the ACE begins parsing immediately after the offset byte. You cannot configure different beginning and ending patterns for different server farms that are part of the same traffic classification.
Valid entries are unquoted text strings with no spaces and a maximum of 255 alphanumeric characters. You can enter a text string with spaces provided that you enclose the entire string in quotation marks ("). The ACE supports regular expressions for matching string expressions. Table 13-34 lists the supported characters that you can use for matching string expressions.
End Pattern
Pattern that marks the end of hashing. If you do not specify an end pattern or a length, the ACE continues to parse the data until it reaches the end of the field or packet, or until it reaches the maximum body parse length. You cannot configure different beginning and ending patterns for different server farms that are part of the same traffic classification.
Valid entries are unquoted text strings with no spaces and a maximum of 255 alphanumeric characters. You can enter a text string with spaces provided that you enclose the entire string in quotation marks ("). The ACE supports regular expressions for matching string expressions. Table 13-34 lists the supported characters that you can use for matching string expressions.
Enable Sticky For Response
Check box that enables the ACE to parse server responses and perform sticky learning. The ACE uses a hash of the server response bytes to populate the sticky database. The next time that the ACE receives a client request with those same bytes, it sticks the client to the same server.
Uncheck the check box to reset the behavior of the ACE to the default of not parsing server responses and performing sticky learning.
RADIUS Sticky Group Attributes
Table 8-7 describes the RADIUS sticky group attributes.
RTSP Header Sticky Group Attributes
Table 8-8 describes the RTSP header sticky group attributes.
Displaying All Sticky Groups by Context
You can display all sticky groups associated with a virtual context.
Procedure
Step 1
The Virtual Contexts table appears.
Step 2
The Sticky Groups table appears, listing the sticky groups associated with the selected context.
Related Topics
Configuring Sticky Statics
You can configure sticky statics.
Assumption
A sticky group has been configured. See the "Configuring Sticky Groups" section for more information.
Procedure
Step 1
The Sticky Groups table appears.
Step 2
The Sticky Statics configuration window appears.
Step 3
The sequence number indicates the order in which multiple sticky static configurations are applied.
Step 4
The choices are as follows:
•
•
•
•
Note
•
•
•
•
Step 5
Valid entries are unquoted text strings with a maximum of 255 alphanumeric characters. If the string includes spaces, enclose the string with quotes.
Step 6
a.
b.
Step 7
Step 8
Valid entries are from 1 to 65535.
Step 9
•
•
•
