Sticky HTTP Cookie Configuration Mode Commands
Sticky cookie configuration mode commands allow you to configure the ACE to learn a cookie from either the HTTP header of a client request or the Set-Cookie message sent by the server to a client. The ACE then uses the learned cookie to provide stickiness between a client and a server for the duration of a transaction. To configure the ACE to use HTTP cookies for stickiness, use the sticky http-cookie command in configuration mode. This command creates a sticky cookie group and allows you to access sticky cookie configuration mode. The prompt changes to (config-sticky-cookie). To remove the sticky cookie group from the configuration, use the no form of this command.
sticky http-cookie name1 name2
no sticky http-cookie name1 name2
Syntax Description
name1 |
Cookie value from the HTTP header of the client request or from the Set-Cookie message from the server. Enter a unique identifier for the cookie with a maximum of 64 alphanumeric characters. |
name2 |
Unique identifier of the sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
Command Modes
Configuration mode
Admin and user contexts
Command History
|
|
3.0(0)A1(2) |
This command was introduced. |
|
|
A1(7) |
This command was introduced. |
Usage Guidelines
The commands in this mode require the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine.
You can create a maximum of 4096 sticky groups in the ACE.
By default, the maximum number of bytes that the ACE parses to check for a cookie, HTTP header, or URL is 2048. If a cookie, HTTP header, or URL exceeds the default value, the ACE drops the packet and sends a RST (reset) to the client browser. You can increase the number of bytes that the ACE parses using the (config-parammap-http) set header-maxparse-length command in HTTP parameter-map configuration mode.
You can also change the default behavior of the ACE when a cookie, header, or URL exceeds the maximum parse length using the (config-parammap-http) length-exceed command in HTTP parameter-map configuration mode.
Examples
To create a sticky group for cookie stickiness, enter:
host1/Admin(config)# sticky http-cookie cisco.com GROUP3
host1/Admin(config-sticky-cookie)#
To remove the sticky group from the configuration, enter:
host1/Admin(config)# no sticky http-cookie cisco.com GROUP3
Related Commands
show running-config
show sticky database
(config) sticky http-header
(config) sticky ip-netmask
(config-sticky-cookie) cookie insert
To enable cookie insertion, use the cookie insert command. Use cookie insertion when you want to use a session cookie for persistence if the server is not currently setting the appropriate cookie. Use the no form of this command to disable cookie insertion.
cookie insert [browser-expire]
no cookie insert [browser-expire]
Syntax Description
browser-expire |
(Optional) Allows the client's browser to expire a cookie when the session ends. |
Command Modes
Sticky cookie configuration mode
Admin and user contexts
Command History
|
|
3.0(0)A1(2) |
This command was introduced. |
|
|
A1(7) |
This command was introduced. |
Usage Guidelines
With cookie insertion enabled, the ACE inserts the cookie in the Set-Cookie header of the response from the server to the client. The ACE selects a cookie value that identifies the original server from which the client received a response. For subsequent connections of the same transaction, the client uses the cookie to stick to the same server.
With either TCP server reuse or persistence rebalance enabled, the ACE inserts a cookie in every client request. See the (config-parammap-http) server-conn reuse or (config-parammap-http) persistence-rebalance commands.
Examples
To enable cookie insertion, enter:
host1/Admin(config-sticky-cookie)# cookie insert
To disable cookie insertion, enter:
host1/Admin(config-sticky-cookie)# no cookie insert
Related Commands
show sticky cookie-insert group
(config) sticky http-cookie
(config-sticky-cookie) cookie
To configure the cookie offset and length, use the cookie command. Use the no form of this command to remove the cookie offset and length from the configuration.
cookie offset number1 [length number2]
no cookie offset number1 [length number2]
Syntax Description
offset number1 |
Specifies the portion of the cookie that the ACE uses to stick the client on a particular server by indicating the bytes to ignore starting with the first byte of the cookie. Enter an integer from 0 to 999. The default is 0, which indicates that the ACE does not exclude any portion of the cookie. |
length number2 |
(Optional) Specifies the length of the portion of the cookie (starting with the byte after the offset value) that the ACE uses for sticking the client to the server. Enter an integer from 1 to 1000. The default is 1000. |
Command Modes
Sticky cookie configuration mode
Admin and user contexts
Command History
|
|
3.0(0)A1(2) |
This command was introduced. |
|
|
A1(7) |
This command was introduced. |
Usage Guidelines
An HTTP cookie value may change over time with only a portion remaining constant throughout a transaction between the client and a server. You can configure the ACE to use the constant portion of a cookie to make persistent connections to a specific server. The ACE stores cookie offset and length values in the sticky table.
The offset and length can vary from 0 to 1000 bytes. If the content string is longer than the offset but shorter than the offset plus the length of the string, the ACE sticks the connection based on that portion of the content starting with the byte after the offset value and ending with the byte specified by the offset plus the length. The total of the offset and the length cannot exceed 1000.
Examples
To configure the cookie offset and length, enter:
host1/Admin(config-sticky-cookie)# cookie offset 300 length 900
To remove the cookie offset and length from the configuration, enter:
host1/Admin(config-sticky-cookie)# no cookie offset 300 length 900
Related Commands
(config) sticky http-cookie
(config-sticky-cookie) cookie secondary
To configure a secondary cookie, use the cookie secondary command. Use the no form of this command to remove a secondary cookie from the configuration.
cookie secondary name
no cookie secondary
Syntax Description
name |
Name of the secondary cookie. Enter a cookie name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
Command Modes
Sticky cookie configuration mode
Admin and user contexts
Command History
|
|
3.0(0)A1(2) |
This command was introduced. |
|
|
A1(7) |
This command was introduced. |
Usage Guidelines
You can configure an alternative cookie name that appears in the URL string of the web page on the server. The ACE uses this cookie to maintain a sticky connection between a client and a server and adds a secondary entry in the sticky table.
Examples
To configure a secondary cookie, enter:
host1/Admin(config-sticky-cookie)# cookie secondary mysite.com
To remove a secondary cookie from the configuration, enter:
host1/Admin(config-sticky-cookie)# no cookie secondary
Related Commands
(config) sticky http-cookie
(config-sticky-cookie) replicate sticky
To instruct the ACE to replicate HTTP cookie sticky table entries on the standby ACE, use the replicate sticky command. Use the no form of this command to restore the ACE to its default of not replicating HTTP cookie sticky table entries.
replicate sticky
no replicate sticky
Command Modes
Sticky cookie configuration mode
Admin and user contexts
Command History
|
|
3.0(0)A1(2) |
This command was introduced. |
|
|
A1(7) |
This command was introduced. |
Usage Guidelines
If you are using redundancy, you can configure the ACE to replicate HTTP cookie sticky table entries on the standby ACE so if a switchover occurs, the new active ACE can maintain existing sticky connections.
The timer of a sticky table entry on the standby ACE is reset every time the entry is synchronized with the active ACE entry. Thus, the standby sticky entry may have a lifetime up to twice as long as the active entry. However, if the entry expires on the active ACE or a new real server is selected and a new entry is created, the old entry on the standby ACE is replaced.
Examples
To instruct the ACE to replicate HTTP cookie sticky table entries on the standby ACE, enter:
host1/Admin(config-sticky-cookie
)# replicate sticky
To restore the ACE to its default of not replicating HTTP cookie sticky table entries, enter:
host1/Admin(config-sticky-cookie
)# no replicate sticky
Related Commands
(config) sticky http-cookie
(config-sticky-cookie) serverfarm
To complete a sticky group configuration, you must configure a server farm entry for the group. To configure a server farm entry for a sticky group, use the serverfarm command. Use the no form of this command to dissociate a server farm from a sticky group.
serverfarm name1 [backup name2 [sticky] [aggregate-state]]
no serverfarm
Syntax Description
name1 |
Identifier of an existing server farm that you want to associate with the sticky group. You can associate one server farm with each sticky group. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
backup name2 |
(Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm is unavailable, the ACE uses the configured backup server farm. The backup server farm becomes sticky when you enter the sticky keyword. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
sticky |
(Optional) Specifies that the backup server farm is sticky. |
aggregate-state |
(Optional) Specifies that the state of the primary server farm is tied to the state of all the real servers in that server farm and in the backup server farm if configured. The ACE declares the primary server farm down if all real servers in the primary server farm and all real servers in the backup server farm are down. |
Command Modes
Sticky cookie configuration mode
Admin and user contexts
Command History
|
|
3.0(0)A1(2) |
This command was introduced. |
|
|
A1(7) |
This command was introduced. |
Usage Guidelines
If all the servers in the primary server farm fail, the ACE sends all connections to the backup server farm. When the primary server farm comes back up (at least one server becomes active):
•
If the sticky option is enabled, then:
–
All new sticky connections that match existing sticky table entries for the real servers in the backup server farm are stuck to the same real servers in the backup server farm.
–
All new non-sticky connections and those sticky connections that do not have an entry in the sticky table are load balanced to the real servers in the primary server farm.
•
If the sticky option is not enabled, then the ACE load balances all new connections to the real servers in the primary server farm.
•
Existing non-sticky connections to the servers in the backup server farm are allowed to complete in the backup server farm.
You can fine-tune the conditions under which the primary server farm fails over and returns to service by configuring a partial server farm failover. For details about partial server farm failover, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine.
Examples
To associate a server farm with a sticky group and specify a sticky backup server farm, enter:
host1/Admin(config-sticky-cookie)# serverfarm SFARM1 backup BKUP_SFARM2 sticky
aggregate-state
To dissociate a server farm from a sticky group, enter:
host1/Admin(config-sticky-cookie)# no serverfarm
Related Commands
(config) sticky http-cookie
(config-sticky-cookie) static cookie-value
To configure a static cookie, use the static cookie-value command. Use the no form of this command to remove a static cookie from the configuration.
static cookie-value value rserver name [number]
no static cookie-value value rserver name [number]
Syntax Description
value |
Cookie string value. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. Alternatively, you can enter a text string with spaces provided that you enclose the string in quotation marks ("). |
rserver name |
Specifies the hostname of an existing real server. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
number |
(Optional) Port number of the real server. Enter an integer from 1 to 65535. |
Command Modes
Sticky cookie configuration mode
Admin and user contexts
Command History
|
|
3.0(0)A1(2) |
This command was introduced. |
|
|
A1(7) |
This command was introduced. |
Usage Guidelines
You can configure the ACE to use static cookies from entries based on cookie values and, optionally, real server names and ports. Static cookie values remain constant over time.
You can configure multiple static cookie entries, but only one unique real-server name can exist for a given static cookie value. When you configure a static entry, the ACE enters it into the sticky table immediately. You can create a maximum of 4096 static sticky entries in the ACE.
Examples
To configure a static cookie, enter:
host1/Admin(config-sticky-cookie)# static cookie-value CORVETTE rserver SERVER1 4000
To remove a static cookie form the configuration, enter:
host1/Admin(config-sticky-cookie)# no static cookie-value CORVETTE rserver SERVER1 4000
Related Commands
(config) sticky http-cookie
(config-sticky-cookie) timeout
To configure an HTTP cookie sticky timeout, use the timeout minutes command. Use the no form of this command to reset the sticky timeout to the default of 1440 minutes.
timeout {minutes | activeconns}
no timeout {minutes | activeconns}
Syntax Description
minutes |
Length of time in minutes that the ACE ACE remembers the last real server to which a client made a sticky connection. Enter an integer from 0 to 65535. The default timeout value is 1440 minutes (24 hours). |
activeconns |
Specifies that a sticky entry is timed out when the timer expires even if there are active connections associated with the sticky entry. |
Command Modes
Sticky cookie configuration mode
Admin and user contexts
Command History
|
|
3.0(0)A1(2) |
This command was introduced. |
|
|
A1(7) |
This command was introduced. |
Usage Guidelines
The sticky timeout specifies the period of time that the ACE keeps the HTTP cookie sticky information for a client connection in the sticky table after the latest client connection terminates. The ACE resets the sticky timer for a specific sticky-table entry each time that the ACE opens a new connection matching that entry.
When you configure sticky timeout for an HTTP cookie, the timeout translates into the expiration date for the cookie. This expiration date can be longer than the actual timeout specified in the timeout command, with sometimes as much as 20 to 25 minutes added to the expiration date.
By default, the ACE times out a sticky table entry when the timeout for that entry expires and no active connections matching that entry exist. To specify that the ACE time out HTTP cookie sticky table entries even if active connections exist after the sticky timer expires, use the timeout activeconns command.
Examples
To set the duration for sticky connections between a client and a real server to 720 minutes, enter:
host1/Admin(config-sticky-cookie
)# timeout 720
To configure the ACE to time out HTTP cookie sticky entries even if active connections exist for those entries, enter:
host1/Admin(config-sticky-cookie
)# timeout activeconns
To restore the ACE to its default of not timing out HTTP cookie sticky entries if active connections exist for those entries, enter:
host1/Admin(config-sticky-cookie
)# no timeout activeconns
Related Commands
(config) sticky http-cookie
Sticky HTTP Content Configuration Mode Commands
Sticky HTTP content configuration mode commands allow you to configure the ACE to stick client connections to the same real server based on a string in the data portion of the HTTP packet. To create an HTTP content sticky group and access sticky HTTP content configuration mode, use the sticky http-content command. The prompt changes to (config-sticky-content). Use the no form of this command to remove the sticky group from the configuration.
sticky http-content name
no sticky http-content name
Syntax Description
name |
Unique identifier of the sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
Command Modes
Configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
The commands in this mode require the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine.
You can create a maximum of 4096 sticky groups on the ACE.
Examples
To create a sticky group for HTTP packet content stickiness, enter:
host1/Admin(config)# sticky http-content HTTP_CONTENT_GROUP
host1/Admin(config-sticky-content)#
To remove the sticky group from the configuration, enter:
host1/Admin(config)# no sticky http-content HTTP_CONTENT_GROUP
Related Commands
show running-config
show sticky database
(config-sticky-content) content
To define the portion of the HTTP packet contents that you want the ACE to match, use the content command. Using this command, you can specify offset and length values and a beginning and ending pattern based on a regular expression. The ACE stores these values in the sticky table and uses them to stick a client to a particular server. Use the no form of this command to remove the HTTP content specification from the sticky table.
content [offset number1] [length number2] [begin-pattern expression1]
[end-pattern expression2]
no content [offset number1] [length number2] [begin-pattern expression1]
[end-pattern expression2]
Syntax Description
offset number1 |
(Optional) Specifies the portion of the content that the ACE uses to stick the client on a particular server by indicating the bytes to ignore starting with the first byte of the content. Enter an integer from 0 to 999. The default is 0, which indicates that the ACE does not exclude any portion of the content. |
length number2 |
(Optional) Specifies the length of the portion of the content (starting with the byte after the offset value) that the ACE uses for sticking the client to the server. Enter an integer from 1 to 1000. The default is the entire content. The offset and length can vary from 0 to 1000 bytes. If the content string is longer than the offset but shorter than the offset plus the length of the string, the ACE sticks the connection based on that portion of the content starting with the byte after the offset value and ending with the byte specified by the offset plus the length. The total of the offset and the length cannot exceed 1000. You cannot specify both the length and the end-pattern options in the same content command. |
begin-pattern expression1 |
(Optional) Specifies the beginning pattern of the HTTP packet content payload and the pattern string to match before hashing. If you do not specify a beginning pattern, the ACE starts parsing immediately following the offset byte. You cannot configure different beginning and ending patterns for different server farms that are part of the same traffic classification. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters for each pattern that you configure. You can enter a text string with spaces if you enclose the entire string in quotation marks ("). The ACE supports the use of regular expressions for matching string expressions. When matching data strings, the period (.) and question mark (?) characters do not have a literal meaning in regular expressions. Use brackets ([]) to match these symbols (for example, enter www[.]xyz[.]com instead of www.xyz.com). You can also use a backslash (\) to escape a dot (.) or a question mark (?). |
end-pattern expression2 |
(Optional) Specifies the pattern that marks the end of hashing. If you do not specify either a length or an ending pattern, the ACE continues to parse the data until it reaches the end of the field or the end of the packet, or until it reaches the maximum body parse length. You cannot configure different beginning and ending patterns for different server farms that are part of the same traffic classification. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters for each pattern that you configure. You can enter a text string with spaces if you enclose the entire string in quotation marks ("). The ACE supports the use of regular expressions for matching string expressions. You cannot specify both the length and the end-pattern options in the same content command. |
Command Modes
Sticky HTTP content configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
The contents of an HTTP packet may change over time with only a portion remaining constant throughout a transaction between the client and a server. You can configure the ACE to use the constant portion of the HTTP packet content to make persistent connections to a specific server. To define the portion of the packet content that you want the ACE to use, you specify offset and length values and a beginning and ending pattern. The ACE stores these values in the sticky table.
Examples
To create an HTTP packet content specification that the ACE will use to stick traffic to a server, enter:
host1/Admin(config-sticky-content)# content offset 250 length 750 begin-pattern abc123.*
To remove the HTTP packet content specification from the configuration, enter:
host1/Admin(config-sticky-content)# no content
Related Commands
(config) sticky http-content
(config-sticky-content) replicate sticky
To instruct the ACE to replicate HTTP content sticky table entries on the standby ACE, use the replicate sticky command. Use the no form of this command to restore the ACE to its default of not replicating HTTP content sticky table entries.
replicate sticky
no replicate sticky
Syntax Description
This command has no keywords or arguments.
Command Modes
Sticky HTTP content configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
If you are using redundancy, you can configure the ACE to replicate HTTP content sticky table entries on the standby ACE so if a switchover occurs, the new active ACE can maintain existing sticky connections.
The timer of a sticky table entry on the standby ACE is reset every time the entry is synchronized with the active ACE entry. Thus, the standby sticky entry may have a lifetime up to twice as long as the active entry. However, if the entry expires on the active ACE or a new real server is selected and a new entry is created, the old entry on the standby ACE is replaced.
Examples
To instruct the ACE to replicate HTTP content sticky table entries on the standby ACE, enter:
host1/Admin(config-sticky-content)# replicate sticky
To restore the ACE default of not replicating HTTP content sticky table entries, enter:
host1/Admin(config-sticky-content)# no replicate sticky
Related Commands
(config) sticky http-content
(config-sticky-content) serverfarm
To complete a sticky group configuration, you must configure a server farm entry for the group. To configure a server farm entry for a sticky group, use the serverfarm command. Use the no form of this command to dissociate a server farm from a sticky group.
serverfarm name1 [backup name2 [sticky] [aggregate-state]]
no serverfarm
Syntax Description
name1 |
Identifier of an existing server farm that you want to associate with the sticky group. You can associate one server farm with each sticky group. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
backup name2 |
(Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm is unavailable, the ACE uses the configured backup server farm. The backup server farm becomes sticky when you enter the sticky keyword. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
sticky |
(Optional) Specifies that the backup server farm is sticky. |
aggregate-state |
(Optional) Specifies that the state of the primary server farm is tied to the state of all the real servers in that server farm and in the backup server farm, if configured. The ACE declares the primary server farm down if all real servers in the primary server farm and all real servers in the backup server farm are down. |
Command Modes
Sticky HTTP content configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
If all the servers in the primary server farm fail, the ACE sends all connections to the backup server farm. When the primary server farm comes back up (at least one server becomes active):
•
If the sticky option is enabled, then:
–
All new sticky connections that match existing sticky table entries for the real servers in the backup server farm are stuck to the same real servers in the backup server farm.
–
All new non-sticky connections and those sticky connections that do not have an entry in the sticky table are load balanced to the real servers in the primary server farm.
•
If the sticky option is not enabled, then the ACE load balances all new connections to the real servers in the primary server farm.
•
Existing non-sticky connections to the servers in the backup server farm are allowed to complete in the backup server farm.
You can fine-tune the conditions under which the primary server farm fails over and returns to service by configuring a partial server farm failover. For details about partial server farm failover, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine.
Examples
To associate a server farm with an HTTP content sticky group and specify a sticky backup server farm, enter:
host1/Admin(config-sticky-content)# serverfarm SFARM1 backup BKUP_SFARM2 sticky
aggregate-state
To dissociate a server farm from an HTTP content sticky group, enter:
host1/Admin(config-sticky-content)# no serverfarm
Related Commands
(config) sticky http-content
(config-sticky-content) static content
To configure a static HTTP content sticky table entry, use the static content command. Use the no form of this command to remove the static entry from the sticky table.
static content value rserver name [number]
no static content value rserver name [number]
Syntax Description
value |
Content string value. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. You can enter a text string with spaces provided that you enclose the entire string in quotation marks ("). |
rserver name |
Specifies that the static entry is based on the real server name. Enter the name of an existing real server as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
number |
(Optional) Port number of the real server. Enter an integer from 1 to 65535. |
Command Modes
Sticky HTTP content configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
You can configure the ACE to use static sticky table entries based on the HTTP content and optionally, the real server name and port. Static sticky HTTP content entries remain constant over time. You can configure multiple static content entries, but only one unique real-server name can exist for a given static content string. When you configure a static entry, the ACE enters it into the sticky table immediately. You can configure a maximum of 4096 static sticky entries in the ACE.
Examples
To configure a static sticky entry based on the HTTP content and the server name and port number, enter:
host1/Admin(config-sticky-content)# static content STINGRAY rserver SERVER1 4000
To remove the static HTTP content entry from the sticky table, enter:
host1/Admin(config-sticky-content)# no static content STINGRAY rserver SERVER1 4000
Related Commands
(config) sticky http-content
(config-sticky-content) timeout
To configure an HTTP content sticky timeout, use the timeout minutes command. Use the no form of this command to reset the sticky timeout to the default of 1440 minutes (24 hours).
timeout {minutes | activeconns}
no timeout {minutes | activeconns}
Syntax Description
minutes |
Number of minutes that the ACE remembers the last real server to which a client made a sticky connection. Enter an integer from 1 to 65535. The default timeout value is 1440 minutes (24 hours). |
activeconns |
Specifies that sticky entries are timed out when the sticky timer expires even if there are active connections. |
Command Modes
Sticky HTTP content configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
The sticky timeout specifies the period of time that the ACE keeps the HTTP content sticky information for a client connection in the sticky table after the latest client connection terminates. The ACE resets the sticky timer for a specific sticky-table entry each time that the ACE opens a new connection matching that entry.
By default, the ACE times out a sticky table entry when the timeout for that entry expires and no active connections matching that entry exist. To specify that the ACE time out HTTP content sticky table entries even if active connections exist after the sticky timer expires, use the timeout activeconns command.
Examples
To specify a timeout value of 720 minutes, enter:
host1/Admin(config-sticky-content)# timeout 720
To reset the timeout to the default value of 1440 minutes (24 hours), enter:
host1/Admin(config-sticky-content
)# no timeout 720
To specify that the ACE time out HTTP content sticky table entries even if active connections exist after the sticky timer expires, enter:
host1/Admin(config-sticky-content)# timeout activeconns
To restore the ACE to its default of not timing out HTTP content sticky entries if active connections exist for those entries, enter:
host1/Admin(config-sticky-content)# no timeout activeconns
Related Commands
(config) sticky http-content
Sticky HTTP Header Configuration Mode Commands
Sticky HTTP header configuration mode commands allow you to create an HTTP header sticky group to enable the ACE to stick client connections to the same real server based on HTTP headers. To access sticky HTTP header configuration mode, use the sticky http-header command. The prompt changes to (config-sticky-header). Use the no form of this command to remove the sticky group from the configuration.
sticky http-header name1 name2
no sticky http-header name1 name2
Syntax Description
name1 |
HTTP header name. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. Alternatively, you can enter one of the standard HTTP headers described in Table 2-23. |
name2 |
Unique identifier of the sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
Command Modes
Configuration mode
Admin and user contexts
Command History
|
|
3.0(0)A1(2) |
This command was introduced. |
|
|
A1(7) |
This command was introduced. |
Usage Guidelines
The commands in this mode require the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine.
You can create a maximum of 4096 sticky groups in the ACE.
By default, the maximum number of bytes that the ACE parses to check for a cookie, HTTP header, or URL is 2048. If a cookie, HTTP header, or URL exceeds the default value, the ACE drops the packet and sends a RST (reset) to the client browser. You can increase the number of bytes that the ACE parses using the (config-parammap-http) set header-maxparse-length command in HTTP parameter-map configuration mode.
You can also change the default behavior of the ACE when a cookie, header, or URL exceeds the maximum parse length using the (config-parammap-http) length-exceed command in HTTP parameter-map configuration mode.
Table 2-23 lists and describes the standard HTTP header names.
Table 2-23 HTTP Header Names
|
|
Accept |
Semicolon-separated list of representation schemes (content type metainformation values) that will be accepted in the response to the request. |
Accept-Charset |
Character sets that are acceptable for the response. This field allows clients that can understand more comprehensive or special-purpose character sets to signal that capability to a server that can represent documents in those character sets. |
Accept-Encoding |
Restricts the content encoding that a user will accept from the server. |
Accept-Language |
ISO code for the language in which the document is written. The language code is an ISO 3316 language code with an optional ISO 639 country code to specify a national variant. |
Authorization |
Specifies that the user agent wants to authenticate itself with a server, usually after receiving a 401 response. |
Cache-Control |
Directives that must be obeyed by all caching mechanisms on the request/response chain. The directives specify behavior intended to prevent caches from adversely interfering with the request or response. |
Connection |
Allows the sender to specify connection options. |
Content-MD5 |
MD5 digest of the entity body that provides an end-to-end integrity check. Only a client or an origin server can generate this header field. |
Expect |
Used by a client to inform the server about the behaviors that the client requires. |
From |
E-mail address of the person who controls the requesting user agent. |
Host |
Internet host and port number of the resource being requested, as obtained from the original URI given by the user or referring resource. The Host field value must represent the naming authority of the origin server or gateway given by the original URL. |
If-Match |
Used with a method to make it conditional. A client that has one or more entities previously obtained from the resource can verify that one of those entities is current by including a list of their associated entity tags in the If-Match header field. This feature allows efficient updates of cached information with a minimum amount of transaction overhead. It is also used, on updating requests, to prevent inadvertent modification of the wrong version of a resource. As a special case, the asterisk (*) value matches any current entity of the resource. |
Pragma |
Pragma directives that are understood by servers to which the directives are relevant. The syntax is the same as for other multiple-value fields in HTTP. For example, the accept field is a comma-separated list of entries for which the optional parameters are separated by semicolons. |
Referer |
Address (URI) of the resource from which the URI in the request was obtained. |
Transfer-Encoding |
What (if any) type of transformation has been applied to the message body in order to safely transfer it between the sender and the recipient. |
User-Agent |
Information about the user agent (for example, a software program originating the request). This information is for statistical purposes, the tracing of protocol violations, and automated recognition of user agents for tailoring responses to avoid user agent limitations. |
Via |
Used by gateways and proxies to indicate the intermediate protocols and recipients between the user agent and the server on requests and between the origin server and the client on responses. |
Examples
To create a group for HTTP header stickiness, enter:
host1/Admin(config-sticky-header)
# sticky http-header Host GROUP4
To remove the sticky group from the configuration, enter:
host1/Admin(config-sticky-header)
# no sticky http-header Host GROUP4
Related Commands
show running-config
show sticky database
(config) sticky http-cookie
(config) sticky ip-netmask
(config-sticky-header) header
To configure the HTTP header offset and length, use the header command. Use the no form of this command to remove the HTTP header offset and length values from the configuration.
header offset number1 [length number2]
no header offset number1 [length number2]
Syntax Description
offset number1 |
Specifies the portion of the HTTP header that the ACE uses to stick the client on a particular server by indicating the bytes to ignore starting with the first byte of the HTTP header. Enter an integer from 0 to 999. The default is 0, which indicates that the ACE does not exclude any portion of the header. |
length number2 |
(Optional) Specifies the length of the portion of the HTTP header (starting with the byte after the offset value) that the ACE uses for sticking the client to the server. Enter an integer from 1 to 1000. The default is 1000. |
Command Modes
Sticky HTTP header configuration mode
Admin and user contexts
Command History
|
|
3.0(0)A1(2) |
This command was introduced. |
|
|
A1(7) |
This command was introduced. |
Usage Guidelines
The ACE stores header offset and length values in the sticky table.
You can configure the ACE to use a portion of an HTTP header to make persistent connections to a specific server. To define the portion of the HTTP header that you want the ACE to use, you specify HTTP header offset and length values. The offset and length can vary from 0 to 1000 bytes. The ACE sticks the connection based on that portion of the HTTP header that starts with the byte after the offset value and ends with the byte specified by the offset plus the length. The total bytes represented by the header offset and length cannot exceed 1000.
Examples
To configure the header offset and length, enter:
host1/Admin(config-sticky-header
)# header offset 300 length 900
To remove the HTTP header offset and length values from the configuration, enter:
host1/Admin(config-sticky-header
)# no header offset 300 length 900
Related Commands
(config) sticky http-header
(config-sticky-header) replicate sticky
To instruct the ACE to replicate HTTP header sticky table entries on the standby ACE, use the replicate sticky command. Use the no form of this command to restore the ACE to its default of not replicating HTTP header sticky table entries.
replicate sticky
no replicate sticky
Syntax Description
This command has no keywords or arguments.
Command Modes
Sticky HTTP header configuration mode
Admin and user contexts
Command History
|
|
3.0(0)A1(2) |
This command was introduced. |
|
|
A1(7) |
This command was introduced. |
Usage Guidelines
If you are using redundancy, you can configure the ACE to replicate HTTP header sticky table entries on the standby ACE so if a switchover occurs, the new active ACE can maintain existing sticky connections.
The timer of a sticky table entry on the standby ACE is reset every time the entry is synchronized with the active ACE entry. Thus, the standby sticky entry may have a lifetime up to twice as long as the active entry. However, if the entry expires on the active ACE or a new real server is selected and a new entry is created, the old entry on the standby ACE is replaced.
Examples
To instruct the ACE to replicate HTTP header sticky table entries on the standby ACE, enter:
host1/Admin(config-sticky-header
)# replicate sticky
To restore the ACE to its default of not replicating HTTP header sticky table entries, enter:
host1/Admin(config-sticky-header
)# no replicate sticky
Related Commands
(config) sticky http-header
(config-sticky-header) serverfarm
To complete a sticky group configuration, you must configure a server farm entry for the group. To configure a server farm entry for a sticky group, use the serverfarm command. Use the no form of this command to dissociate a server farm from a sticky group.
serverfarm name1 [backup name2 [sticky] [aggregate-state]]
no serverfarm
Syntax Description
name1 |
Identifier of an existing server farm that you want to associate with the sticky group. You can associate one server farm with each sticky group. Enter a name as an unquoted text string with no spaces and a maximum of 64 characters. |
backup name2 |
(Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm is unavailable, the ACE uses the configured backup server farm. The backup server farm becomes sticky when you enter the sticky keyword. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
sticky |
(Optional) Specifies that the backup server farm is sticky. |
aggregate-state |
(Optional) Specifies that the state of the primary server farm is tied to the state of all the real servers in that server farm and in the backup server farm, if configured. The ACE declares the primary server farm down if all real servers in the primary server farm and all real servers in the backup server farm are down. |
Command Modes
Sticky HTTP header configuration mode
Admin and user contexts
Command History
|
|
3.0(0)A1(2) |
This command was introduced. |
|
|
A1(7) |
This command was introduced. |
Usage Guidelines
If all the servers in the primary server farm fail, the ACE sends all connections to the backup server farm. When the primary server farm comes back up (at least one server becomes active):
•
If the sticky option is enabled, then:
–
All new sticky connections that match existing sticky table entries for the real servers in the backup server farm are stuck to the same real servers in the backup server farm.
–
All new non-sticky connections and those sticky connections that do not have an entry in the sticky table are load balanced to the real servers in the primary server farm.
•
If the sticky option is not enabled, then the ACE load balances all new connections to the real servers in the primary server farm.
•
Existing non-sticky connections to the servers in the backup server farm are allowed to complete in the backup server farm.
You can fine-tune the conditions under which the primary server farm fails over and returns to service by configuring a partial server farm failover. For details about partial server farm failover, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine.
Examples
To associate a server farm with a sticky group and specify a sticky backup server farm, enter:
host1/Admin(config-sticky-header)# serverfarm SFARM1 backup BKUP_SFARM2 sticky
aggregate-state
To dissociate a server farm from a sticky group, enter:
host1/Admin(config-sticky-header)# no serverfarm
Related Commands
(config) serverfarm
(config) sticky http-header
(config-sticky-header) static header-value
To configure a static header, use the static header-value command. Use the no form of this command to remove a static header from the configuration.
static header-value value rserver name [number]
no static header-value value rserver name [number]
Syntax Description
value |
Header string value. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. Alternatively, you can enter a text string with spaces provided that you enclose the entire string in quotation marks ("). |
rserver name |
Specifies the hostname of an existing real server. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
number |
(Optional) Port number of the real server. Enter an integer from 1 to 65535. |
Command Modes
Sticky HTTP header configuration mode
Admin and user contexts
Command History
|
|
3.0(0)A1(2) |
This command was introduced. |
|
|
A1(7) |
This command was introduced. |
Usage Guidelines
You can configure the ACE to use static header sticky entries based on HTTP header values and optionally, real server names and ports. Static sticky header values remain constant over time. You can configure multiple static header entries, but only one unique real-server name can exist for a given static header sticky value.
When you configure a static entry, the ACE enters it into the sticky table immediately. You can create a maximum of 4096 static sticky entries in the ACE.
Examples
To configure a static header, enter:
host1/Admin(config-sticky-header)# static header-value CORVETTE rserver SERVER1 4000
To remove a static header from the configuration, enter:
host1/Admin(config-sticky-header)# no static header-value CORVETTE rserver SERVER1 4000
Related Commands
(config) sticky http-header
(config-sticky-header) timeout
To configure an HTTP header sticky timeout, use the timeout minutes command. Use the no form of this command to reset the sticky timeout to the default of 1440 minutes.
timeout {minutes | activeconns}
no timeout {minutes | activeconns}
Syntax Description
minutes |
Length of time in minutes that the ACE ACE remembers the last real server to which a client made a sticky connection. Enter an integer from 1 to 65535. The default timeout value is 1440 minutes (24 hours). |
activeconns |
Specifies that sticky entries are timed out when the timer expires even if there are active connections. |
Command Modes
Sticky HTTP header configuration mode
Admin and user contexts
Command History
|
|
3.0(0)A1(2) |
This command was introduced. |
|
|
A1(7) |
This command was introduced. |
Usage Guidelines
The sticky timeout specifies the period of time that the ACE keeps the HTTP header sticky information for a client connection in the sticky table after the latest client connection terminates. The ACE resets the sticky timer for a specific sticky-table entry each time that the ACE opens a new connection matching that entry.
By default, the ACE times out a sticky table entry when the timeout for that entry expires and no active connections matching that entry exist. To specify that the ACE time out HTTP header sticky table entries even if active connections exist after the sticky timer expires, use the timeout activeconns command.
Examples
To specify a timeout value of 720 minutes, enter:
host1/Admin(config-sticky-header
)# timeout 720
To reset the timeout to the default value of 1440 minutes (24 hours), enter:
host1/Admin(config-sticky-header
)# no timeout 720
To specify that the ACE time out HTTP header sticky table entries even if active connections exist after the sticky timer expires, enter:
host1/Admin(config-sticky-content)# timeout activeconns
To restore the ACE to its default of not timing out HTTP header sticky entries if active connections exist for those entries, enter:
host1/Admin(config-sticky-header
)# no timeout activeconns
Related Commands
(config) sticky http-header
Sticky IP Configuration Mode Commands
Sticky IP configuration mode commands allow you to create a sticky group for IP address stickiness. To create a sticky group and access sticky IP configuration mode, use the sticky ip-netmask command. The prompt changes to (config-sticky-ip). Use the no form of this command to remove the sticky group from the configuration.
sticky {v6-prefix prefix_length | ip-netmask netmask} address {source | destination | both} name
no sticky {v6-prefix prefix_length | ip-netmask netmask} address {source | destination | both} name
Syntax Description
v6-prefix prefix_length |
IPv6 prefix that specifies how many of the most significant bits (MSBs) of the IPv6 address are used for the network identifier. Enter an integer from 1 to 128. |
netmask |
Network mask that the ACE applies to the IP address. Enter a network mask in dotted-decimal notation (for example, 255.255.255.0). Note (ACE module only) If you configure a network mask other than 255.255.255.255 (/32), the ACE may populate the sticky entries only on one of its two network processors which may reduce the number of available sticky entries by 50 percent. This reduction in resources can cause problems when heavy sticky use occurs on the ACE. |
address {source | destination | both} |
Specifies the IP address used for stickiness. Enter one of the following keywords: • source—Specifies that the ACE use the client source IP address to stick the client to a server. You use this keyword in web application environments. • destination—Specifies that the ACE use the destination address specified in the client request to stick the client to a server. You use this keyword in caching environments. • both—Specifies that the ACE use both the source IP address and the destination IP address to stick the client to a server. |
name |
Unique identifier of the sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
Command Modes
Configuration mode
Admin and user contexts
Command History
|
|
3.0(0)A1(2) |
This command was introduced. |
A5(1.0) |
Added the v6-prefix keyword and argument. |
|
|
A1(7) |
This command was introduced. |
A5(1.0) |
Added the v6-prefix keyword and argument. |
Usage Guidelines
The commands in this mode require the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine.
You can create a maximum of 4096 sticky groups on the ACE.
Examples
IPv6 Example
To create a sticky group that uses IPv6 address stickiness based on both the source IPv6 address and the destination IPv6 address, enter:
host1/Admin(config)# sticky v6-prefix 64 address both GROUP1
host1/Admin(config-sticky-ip)#
To remove the sticky group from the configuration, enter:
host1/Admin(config)# no sticky v6-prefix 64 address both GROUP1
IPv4 Example
To create a sticky group that uses IPv4 address stickiness based on both the source IP address and the destination IPv4 address, enter:
host1/Admin(config)# sticky ip-netmask 255.255.255.255 address both GROUP1
host1/Admin(config-sticky-ip)#
To remove the sticky group from the configuration, enter:
host1/Admin(config)# no sticky ip-netmask 255.255.255.255 address both GROUP1
Related Commands
show running-config
show sticky database
(config) sticky http-cookie
(config) sticky http-header
(config-sticky-ip) replicate sticky
To instruct the ACE to replicate IP address sticky table entries on the standby ACE, use the replicate sticky command. Use the no form of this command to restore the ACE to its default of not replicating IP address sticky table entries.
replicate sticky
no replicate sticky
Syntax Description
This command has no keywords or arguments.
Command Modes
Sticky IP configuration mode
Admin and user contexts
Command History
|
|
3.0(0)A1(2) |
This command was introduced. |
|
|
A1(7) |
This command was introduced. |
Usage Guidelines
If you are using redundancy, you can configure the ACE to replicate IP address sticky table entries on the standby ACE so that, if a switchover occurs, the new active ACE can maintain existing sticky connections.
The timer of a sticky table entry on the standby ACE is reset every time the entry is synchronized with the active ACE entry. Thus, the standby sticky entry may have a lifetime up to twice as long as the active entry. However, if the entry expires on the active ACE or a new real server is selected and a new entry is created, the old entry on the standby ACE is replaced.
Examples
To instruct the ACE to replicate IP address sticky table entries on the standby ACE, enter:
host1/Admin(config-sticky-ip)# replicate sticky
To restore the ACE default of not replicating IP address sticky table entries, enter:
host1/Admin(config-sticky-ip)# no replicate sticky
Related Commands
(config) sticky ip-netmask
(config-sticky-ip) serverfarm
To complete a sticky group configuration, you must configure a server farm entry for the group. To configure a server farm entry for a sticky group, use the serverfarm command. Use the no form of this command to dissociate a server farm from a sticky group.
serverfarm name1 [backup name2 [sticky] [aggregate-state]]
no serverfarm
Syntax Description
name1 |
Identifier of an existing server farm that you want to associate with the sticky group. You can associate one server farm with each sticky group. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
backup name2 |
(Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm is unavailable, the ACE uses the configured backup server farm. The backup server farm becomes sticky when you enter the sticky keyword. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
sticky |
(Optional) Specifies that the backup server farm is sticky. |
aggregate-state |
(Optional) Specifies that the state of the primary server farm is tied to the state of all the real servers in that server farm and in the backup server farm, if configured. The ACE declares the primary server farm down if all real servers in the primary server farm and all real servers in the backup server farm are down. |
Command Modes
Sticky IP configuration mode
Admin and user contexts
Command History
|
|
3.0(0)A1(2) |
This command was introduced. |
|
|
A1(7) |
This command was introduced. |
Usage Guidelines
If all the servers in the primary server farm fail, the ACE sends all connections to the backup server farm. When the primary server farm comes back up (at least one server becomes active):
•
If the sticky option is enabled, then:
–
All new sticky connections that match existing sticky table entries for the real servers in the backup server farm are stuck to the same real servers in the backup server farm.
–
All new non-sticky connections and those sticky connections that do not have an entry in the sticky table are load balanced to the real servers in the primary server farm.
•
If the sticky option is not enabled, then the ACE load balances all new connections to the real servers in the primary server farm.
•
Existing non-sticky connections to the servers in the backup server farm are allowed to complete in the backup server farm.
You can fine-tune the conditions under which the primary server farm fails over and returns to service by configuring a partial server farm failover. For details about partial server farm failover, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine.
Examples
To associate a server farm with a sticky group and specify a sticky backup server farm, enter:
host1/Admin(config-sticky-ip)# serverfarm SFARM1 backup BKUP_SFARM2 sticky aggregate-state
To dissociate a server farm from a sticky group, enter:
host1/Admin(config-sticky-ip)# no serverfarm
Related Commands
(config) sticky ip-netmask
(config-sticky-ip) static client source
To configure static sticky-IP table entries for IPv6 or IPv4, use the static client command. Use the no form of this command to remove the static entry from the sticky table.
The syntax of this command varies according to the address option that you chose when you created the sticky group using the (config) sticky ip-netmask command. If you configured the sticky group with the source option, the syntax of this command is as follows:
static client source ip_address rserver name [number]
no static client source ip_address rserver name [number]
If you configured the sticky group with the destination option, the syntax of this command is as follows:
static client destination ip_address rserver name [number]
no static client destination ip_address rserver name [number]
If you configured the sticky group with the both option, the syntax of this command is as follows:
static client source ip_address destination ip_address rserver name [number]
no static client source ip_address destination ip_address rserver name [number]
Syntax Description
source ip-address |
Specifies that the static entry is based on the source IP address. Enter an IP address in dotted-decimal notation (for example, 192.168.12.15). |
rserver name |
Specifies that the static entry is based on the real server name. Enter the name of an existing real server as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
number |
(Optional) Port number of the real server. Enter an integer from 1 to 65535. |
destination ip-address |
Specifies that the static entry is based on the destination IP address. Enter an IP address in dotted-decimal notation (for example, 172.16.27.3). |
Command Modes
Sticky IP configuration mode
Admin and user contexts
Command History
|
|
3.0(0)A1(2) |
This command was introduced. |
A5(1.0) |
Added IPv6 support. |
|
|
A1(7) |
This command was introduced. |
A5(1.0) |
Added IPv6 support. |
Usage Guidelines
You can configure static sticky table entries based on the IPv6 or IPv4 source IP address, the destination IP address, or the real server name and port. Static sticky-IP values remain constant over time and you can configure multiple static entries. When you configure a static entry, the ACE enters it into the sticky table immediately. You can configure a maximum of 4096 static sticky entries in the ACE.
Examples
IPv6 Example
To configure a static sticky entry based on the source IP address, the destination IP address, and the server name and port number, enter:
host1/Admin(config-sticky-ip)# static client source 2001:DB8:12::15 destination
2001:DB8:27::3 rserver SERVER1 2000
To remove the static entry from the sticky table, enter:
host1/Admin(config-sticky-ip)# no static client source 2001:DB8:12::15 destination
2001:DB8:27::3 rserver SERVER1 2000
IPv4 Example
To configure a static sticky entry based on the source IP address, the destination IP address, and the server name and port number, enter:
host1/Admin(config-sticky-ip)# static client source 192.168.12.15 destination 172.16.27.3
rserver SERVER1 2000
To remove the static entry from the sticky table, enter:
host1/Admin(config-sticky-ip)# no static client source 192.168.12.15 destination
172.16.27.3 rserver SERVER1 2000
Related Commands
(config) sticky ip-netmask
(config-sticky-ip) timeout
To configure an IP address sticky timeout, use the timeout minutes command. Use the no form of this command to reset the sticky timeout to the default of 1440 minutes (24 hours).
timeout {minutes | activeconns}
no timeout {minutes | activeconns}
Syntax Description
minutes |
Number of minutes that the ACE remembers the last real server to which a client made a sticky connection. Enter an integer from 1 to 65535. The default timeout value is 1440 minutes (24 hours). |
activeconns |
Specifies that sticky entries are timed out when the timer expires even if there are active connections. |
Command Modes
Sticky IP configuration mode
Admin and user contexts
Command History
|
|
3.0(0)A1(2) |
This command was introduced. |
|
|
A1(7) |
This command was introduced. |
Usage Guidelines
The sticky timeout specifies the period of time that the ACE keeps (if possible) the IP address sticky information for a client connection in the sticky table after the latest client connection terminates. The ACE resets the sticky timer for a specific sticky-table entry each time that the ACE opens a new connection or receives a new HTTP GET on an existing connection matching that entry. High connection rates may cause the sticky table entries to age out prematurely.
By default, the ACE times out a sticky table entry when the timeout for that entry expires and no active connections matching that entry exist. To specify that the ACE time out IP address sticky table entries even if active connections exist after the sticky timer expires, use the timeout activeconns command.
Examples
To specify a timeout value of 720 minutes, enter:
host1/Admin(config-sticky-ip)# timeout 720
To specify that the ACE time out IP address sticky table entries even if active connections exist after the sticky timer expires, enter:
host1/Admin(config-sticky-ip)# timeout activeconns
To restore the ACE to its default of not timing out IP address sticky entries if active connections exist, enter:
host1/Admin(config-sticky-ip)# no timeout activeconns
Related Commands
(config) sticky ip-netmask
Sticky Layer 4 Payload Configuration Mode Commands
Sticky Layer 4 payload configuration mode commands allow you to configure the ACE to stick client connections to the same real server based on a string in the payload portion of the Layer 4 protocol packet. To create a Layer 4 payload sticky group and access sticky Layer 4 payload configuration mode, use the sticky layer4-payload command. The prompt changes to (config-sticky-l4payloa). Use the no form of this command to remove the sticky group from the configuration.
sticky layer4-payload name
no sticky layer4-payload name
Syntax Description
name |
Unique identifier of the sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
Command Modes
Configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
The commands in this mode require the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine.
You can create a maximum of 4096 sticky groups on the ACE.
Examples
To create a sticky group that uses Layer 4 payload stickiness, enter:
host1/Admin(config)# sticky layer4-payload L4_PAYLOAD_GROUP
host1/Admin(config-sticky-l4payloa)#
To remove the sticky group from the configuration, enter:
host1/Admin(config)# no sticky layer4-payload L4_PAYLOAD_GROUP
Related Commands
show running-config
show sticky database
(config-sticky-l4payloa) layer4-payload
To define the portion of the payload that you want the ACE to match, use the layer4-payload command. Using this command, you can specify payload offset and length values and a beginning and ending pattern based on a regular expression. The ACE stores these values in the sticky table and uses them to stick a client to a particular server. Use the no form of this command to remove the Layer 4 payload specification from the sticky table.
layer4-payload [offset number1] [length number2] [begin-pattern expression1]
[end-pattern expression2]
no layer4-payload [offset number1] [length number2] [begin-pattern expression1]
[end-pattern expression2]
Syntax Description
offset number1 |
(Optional) Specifies the portion of the payload that the ACE uses to stick the client on a particular server by indicating the bytes to ignore starting with the first byte of the payload. Enter an integer from 0 to 999. The default is 0, which indicates that the ACE does not exclude any portion of the payload. |
length number2 |
(Optional) Specifies the length of the portion of the payload (starting with the byte after the offset value) that the ACE uses for sticking the client to the server. Enter an integer from 1 to 1000. The default is the entire payload. The offset and length can vary from 0 to 1000 bytes. If the payload is longer than the offset but shorter than the offset plus the length of the payload, the ACE sticks the connection based on that portion of the payload starting with the byte after the offset value and ending with the byte specified by the offset plus the length. The total of the offset and the length cannot exceed 1000. You cannot specify both the length and the end-pattern options in the same layer4-payload command. |
begin-pattern expression1 |
(Optional) Specifies the beginning pattern of the Layer 4 payload and the pattern string to match before hashing. If you do not specify a beginning pattern, the ACE starts parsing immediately following the offset byte. You cannot configure different beginning and ending patterns for different server farms that are part of the same traffic classification. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters for each pattern that you configure. You can enter a text string with spaces if you enclose the entire string in quotation marks ("). The ACE supports the use of regular expressions for matching string expressions. When matching data strings, the period (.) and question mark (?) characters do not have a literal meaning in regular expressions. Use brackets ([]) to match these symbols (for example, enter www[.]xyz[.]com instead of www.xyz.com). You can also use a backslash (\) to escape a dot (.) or a question mark (?). |
end-pattern expression2 |
(Optional) Specifies the pattern that marks the end of hashing. If you do not specify either a length or an ending pattern, the ACE continues to parse the data until it reaches the end of the field or the end of the packet, or until it reaches the maximum body parse length. You cannot configure different beginning and ending patterns for different server farms that are part of the same traffic classification. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters for each pattern that you configure. You can enter a text string with spaces if you enclose the entire string in quotation marks ("). The ACE supports the use of regular expressions for matching string expressions. You cannot specify both the length and the end-pattern options in the same layer4-payload command. |
Command Modes
Sticky Layer 4 payload configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
A Layer 4 payload may change over time with only a portion remaining constant throughout a transaction between the client and a server. You configure the ACE to use either a specific portion or the constant portion of a Layer 4 payload to make persistent connections to a specific server. To define the portion of the payload that you want the ACE to use, you specify payload offset and length values and a beginning and ending pattern. The ACE stores these values in the sticky table.
Examples
To create a Layer 4 payload specification that the ACE will use to stick traffic to a server, enter:
host1/Admin(config-sticky-l4payloa)# layer4-payload offset 250 length 750 begin-pattern
abc123.*
To remove the Layer 4 payload specification from the configuration, enter:
host1/Admin(config-sticky-l4payloa)# no layer4-payload
Related Commands
(config) sticky layer4-payload
(config-sticky-l4payloa) replicate sticky
To instruct the ACE to replicate Layer 4 payload sticky table entries on the standby ACE, use the replicate sticky command. Use the no form of this command to restore the ACE to its default of not replicating Layer 4 payload sticky table entries.
replicate sticky
no replicate sticky
Syntax Description
This command has no keywords or arguments.
Command Modes
Sticky Layer 4 payload configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
If you are using redundancy, you can configure the ACE to replicate Layer 4 payload sticky table entries on the standby ACE so if a switchover occurs, the new active ACE can maintain existing sticky connections.
The timer of a sticky table entry on the standby ACE is reset every time the entry is synchronized with the active ACE entry. Thus, the standby sticky entry may have a lifetime up to twice as long as the active entry. However, if the entry expires on the active ACE or a new real server is selected and a new entry is created, the old entry on the standby ACE is replaced.
Examples
To instruct the ACE to replicate Layer 4 payload sticky table entries on the standby ACE, enter:
host1/Admin(config-sticky-l4payloa)# replicate sticky
To restore the ACE default of not replicating Layer 4 payload sticky table entries, enter:
host1/Admin(config-sticky-l4payloa)# no replicate sticky
Related Commands
(config) sticky layer4-payload
(config-sticky-l4payloa) response sticky
To instruct the ACE to parse the response bytes from a server and perform sticky learning, use the response sticky command. Use the no form of this command to restore the ACE to its default of not parsing the response from a server.
response sticky
no response sticky
Syntax Description
This command has no keywords or arguments.
Command Modes
Sticky Layer 4 payload configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
Use this command when you want the ACE to parse both the request from the client and the response from the server. Sticky learning allows the ACE to populate the sticky database with a hash of the response bytes from a server. The next time a client request arrives with those same bytes, then the ACE sticks the client to the same server.
Examples
To instruct the ACE to perform sticky learning on responses from a server, enter:
host1/Admin(config-sticky-l4payloa)# response sticky
To restore the ACE default of not performing sticky learning on responses from a server, enter:
host1/Admin(config-sticky-l4payloa)# no response sticky
Related Commands
(config) sticky layer4-payload
(config-sticky-l4payloa) serverfarm
To complete a sticky group configuration, you must configure a server farm entry for the group. To configure a server farm entry for a sticky group, use the serverfarm command. Use the no form of this command to dissociate a server farm from a sticky group.
serverfarm name1 [backup name2 [sticky] [aggregate-state]]
no serverfarm
Syntax Description
name1 |
Identifier of an existing server farm that you want to associate with the sticky group. You can associate one server farm with each sticky group. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
backup name2 |
(Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm is unavailable, the ACE uses the configured backup server farm. The backup server farm becomes sticky when you enter the sticky keyword. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
sticky |
(Optional) Specifies that the backup server farm is sticky. |
aggregate-state |
(Optional) Specifies that the state of the primary server farm is tied to the state of all the real servers in that server farm and in the backup server farm, if configured. The ACE declares the primary server farm down if all real servers in the primary server farm and all real servers in the backup server farm are down. |
Command Modes
Sticky Layer 4 payload configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
If all the servers in the primary server farm fail, the ACE sends all connections to the backup server farm. When the primary server farm comes back up (at least one server becomes active):
•
If the sticky option is enabled, then:
–
All new sticky connections that match existing sticky table entries for the real servers in the backup server farm are stuck to the same real servers in the backup server farm.
–
All new non-sticky connections and those sticky connections that do not have an entry in the sticky table are load balanced to the real servers in the primary server farm.
•
If the sticky option is not enabled, then the ACE load balances all new connections to the real servers in the primary server farm.
•
Existing non-sticky connections to the servers in the backup server farm are allowed to complete in the backup server farm.
You can fine-tune the conditions under which the primary server farm fails over and returns to service by configuring a partial server farm failover. For details about partial server farm failover, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine.
Examples
To associate a server farm with a Layer 4 payload sticky group and specify a sticky backup server farm, enter:
host1/Admin(config-sticky-l4payloa)# serverfarm SFARM1 backup BKUP_SFARM2 sticky
aggregate-state
To dissociate a server farm from a Layer 4 payload sticky group, enter:
host1/Admin(config-sticky-l4payloa)# no serverfarm
Related Commands
(config) sticky layer4-payload
(config-sticky-l4payloa) static layer4-payload
To configure static Layer 4 payload sticky table entries, use the static layer4-payload command. Use the no form of this command to remove the static entry from the sticky table.
static layer4-payload value rserver name [number]
no static layer4-payload value rserver name [number]
Syntax Description
value |
Payload string value. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. You can enter a text string with spaces if you enclose the entire string in quotation marks ("). |
rserver name |
Specifies that the static entry is based on the real server name. Enter the name of an existing real server as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
number |
(Optional) Port number of the real server. Enter an integer from 1 to 65535. |
Command Modes
Sticky Layer 4 payload configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
You can configure static sticky table entries based on the Layer 4 payload and optionally, the real server name and port. Static sticky Layer 4 payload values remain constant over time. You can configure multiple static payload entries, but only one unique real-server name can exist for a given static payload value. When you configure a static entry, the ACE enters it into the sticky table immediately. You can configure a maximum of 4096 static sticky entries in the ACE.
Examples
To configure a static sticky entry based on the Layer 4 payload and the server name and port number, enter:
host1/Admin(config-sticky-l4payloa)# static layer4-payload STINGRAY rserver SERVER1 4000
To remove the static Layer 4 payload entry from the sticky table, enter:
host1/Admin(config-sticky-l4payloa)# no static layer4-payload STINGRAY rserver SERVER1
4000
Related Commands
(config) sticky layer4-payload
(config-sticky-l4payloa) timeout
To configure a Layer 4 payload sticky timeout, use the timeout minutes command. Use the no form of this command to reset the sticky timeout to the default of 1440 minutes (24 hours).
timeout {minutes | activeconns}
no timeout {minutes | activeconns}
Syntax Description
minutes |
Number of minutes that the ACE remembers the last real server to which a client made a sticky connection. Enter an integer from 1 to 65535. The default timeout value is 1440 minutes (24 hours). |
activeconns |
Specifies that sticky entries are timed out when the sticky timer expires even if there are active connections. |
Command Modes
Sticky Layer 4 payload configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
The sticky timeout specifies the period of time that the ACE keeps the Layer 4 payload sticky information for a client connection in the sticky table after the latest client connection terminates. The ACE resets the sticky timer for a specific sticky-table entry each time that the ACE opens a new connection matching that entry.
By default, the ACE times out a sticky table entry when the timeout for that entry expires and no active connections matching that entry exist. To specify that the ACE time out Layer 4 payload sticky table entries even if active connections exist after the sticky timer expires, use the timeout activeconns command.
Examples
To specify a timeout value of 720 minutes, enter:
host1/Admin(config-sticky-l4payloa)# timeout 720
To specify that the ACE time out Layer 4 payload sticky table entries even if active connections exist after the sticky timer expires, enter:
host1/Admin(config-sticky-l4payloa)# timeout activeconns
To restore the ACE to its default of not timing out Layer 4 payload sticky entries if active connections exist, enter:
host1/Admin(config-sticky-l4payloa)# no timeout activeconns
Related Commands
(config) sticky layer4-payload
Sticky RADIUS Configuration Mode Commands
Sticky RADIUS configuration mode commands allow you to configure the ACE to stick client connections to the same real server based on a RADIUS attribute. To create a RADIUS attribute sticky group and access sticky RADIUS configuration mode, use the sticky radius framed-ip command. The prompt changes to (config-sticky-radius). Use the no form of this command to remove the sticky group from the configuration.
sticky radius framed-ip [calling-station-id | username] name
no sticky radius framed-ip [calling-station-id | username] name
Syntax Description
calling-station-id |
(Optional) Specifies stickiness based on the RADIUS framed IP attribute and the calling station ID attribute. |
username |
(Optional) Specifies stickiness based on the RADIUS framed IP attribute and the username attribute. |
name |
Unique identifier of the RADIUS sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
Command Modes
Configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
The commands in this mode require the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine.
You can create a maximum of 4096 sticky groups on the ACE.
Examples
To create a sticky group that uses RADIUS attribute stickiness, enter:
host1/Admin(config)
# sticky radius framed-ip calling-station-id RADIUS_GROUP
host1/Admin(config-sticky-
radius)
#
To remove the sticky group from the configuration, enter:
host1/Admin(config)# no sticky radius framed-ip calling-station-id RADIUS_GROUP
Related Commands
show running-config
show sticky database
(config-sticky-radius) replicate sticky
To instruct the ACE to replicate RADIUS attribute sticky table entries on the standby ACE, use the replicate sticky command. Use the no form of this command to restore the ACE to its default of not replicating RADIUS sticky group table entries.
replicate sticky
no replicate sticky
Syntax Description
This command has no keywords or arguments.
Command Modes
Sticky RADIUS configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
If you are using redundancy, you can configure the ACE to replicate RADIUS attribute sticky table entries on the standby ACE so if a switchover occurs, the new active ACE can maintain existing sticky connections.
The timer of a sticky table entry on the standby ACE is reset every time the entry is synchronized with the active ACE entry. Thus, the standby sticky entry may have a lifetime up to twice as long as the active entry. However, if the entry expires on the active ACE or a new real server is selected and a new entry is created, the old entry on the standby ACE is replaced.
Examples
To instruct the ACE to replicate RADIUS attribute sticky table entries on the standby ACE, enter:
host1/Admin(config-sticky-radius)# replicate sticky
To restore the ACE default of not replicating RADIUS attribute sticky table entries, enter:
host1/Admin(config-sticky-radius)# no replicate sticky
Related Commands
(config) sticky radius framed-ip
(config-sticky-radius) serverfarm
To complete a RADIUS attribute sticky group configuration, you must configure a server farm entry for the group. To configure a server farm entry for a sticky group, use the serverfarm command. Use the no form of this command to dissociate a server farm from a sticky group.
serverfarm name1 [backup name2 [sticky] [aggregate-state]]
no serverfarm
Syntax Description
name1 |
Identifier of an existing server farm that you want to associate with the sticky group. You can associate one server farm with each sticky group. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
backup name2 |
(Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm is unavailable, the ACE uses the configured backup server farm. The backup server farm becomes sticky when you enter the sticky keyword. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
sticky |
(Optional) Specifies that the backup server farm is sticky. |
aggregate-state |
(Optional) Specifies that the state of the primary server farm is tied to the state of all the real servers in that server farm and in the backup server farm, if configured. The ACE declares the primary server farm down if all real servers in the primary server farm and all real servers in the backup server farm are down. |
Command Modes
Sticky RADIUS configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
If all the servers in the primary server farm fail, the ACE sends all connections to the backup server farm. When the primary server farm comes back up (at least one server becomes active):
•
If the sticky option is enabled, then:
–
All new sticky connections that match existing sticky table entries for the real servers in the backup server farm are stuck to the same real servers in the backup server farm.
–
All new non-sticky connections and those sticky connections that do not have an entry in the sticky table are load balanced to the real servers in the primary server farm.
•
If the sticky option is not enabled, then the ACE load balances all new connections to the real servers in the primary server farm.
•
Existing non-sticky connections to the servers in the backup server farm are allowed to complete in the backup server farm.
You can fine-tune the conditions under which the primary server farm fails over and returns to service by configuring a partial server farm failover. For details about partial server farm failover, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine.
Examples
To associate a server farm with a RADIUS attribute sticky group and specify a sticky backup server farm, enter:
host1/Admin(config-sticky-radius)# serverfarm SFARM1 backup BKUP_SFARM2 sticky
aggregate-state
To dissociate a server farm from a RADIUS attribute sticky group, enter:
host1/Admin(config-sticky-radius)# no serverfarm
Related Commands
(config) sticky radius framed-ip
(config-sticky-radius) timeout
To configure a RADIUS sticky timeout, use the timeout minutes command. Use the no form of this command to reset the sticky timeout to the default of 1440 minutes (24 hours).
timeout {minutes | activeconns}
no timeout {minutes | activeconns}
Syntax Description
minutes |
Number of minutes that the ACE remembers the last real server to which a client made a sticky connection. Enter an integer from 1 to 65535. The default timeout value is 1440 minutes (24 hours). |
activeconns |
Specifies that sticky entries are timed out when the sticky timer expires even if there are active connections. |
Command Modes
Sticky RADIUS configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
The sticky timeout specifies the period of time that the ACE keeps the RADIUS attribute sticky group information for a client connection in the sticky table after the latest client connection terminates. The ACE resets the sticky timer for a specific sticky-table entry each time that the ACE opens a new connection matching that entry.
By default, the ACE times out a sticky table entry when the timeout for that entry expires and no active connections matching that entry exist. To specify that the ACE time out RADIUS sticky group table entries even if active connections exist after the sticky timer expires, use the timeout activeconns command.
Examples
To specify a timeout value of 720 minutes, enter:
host1/Admin(config-sticky-radius)# timeout 720
To specify that the ACE time out RADIUS sticky group table entries even if active connections exist after the sticky timer expires, enter:
host1/Admin(config-sticky-radius)# timeout activeconns
To restore the ACE to its default of not timing out RADIUS sticky group entries if active connections exist, enter:
host1/Admin(config-sticky-radius)# no timeout activeconns
Related Commands
(config) sticky radius framed-ip
Sticky RTSP Header Configuration Mode Commands
Sticky RTSP header configuration mode commands allow you to create an RTSP header sticky group to enable the ACE to stick client connections to the same real server based on the RTSP Session header field. To access sticky RTSP header configuration mode, use the sticky rtsp-header command. The prompt changes to (config-sticky-header). Use the no form of this command to remove the sticky group from the configuration.
sticky rtsp-header Session name1
no sticky rtsp-header Session name1
Syntax Description
Session |
RTSP Session header field. The ACE supports only the RTSP Session header field for stickiness. |
name1 |
Unique identifier of the RTSP sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
Command Modes
Configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
The commands in this mode require the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine.
You can create a maximum of 4096 sticky groups in the ACE.
Examples
To create a group for RTSP header stickiness, enter:
host1/Admin(config)
# sticky rtsp-header Session RTSP_GROUP
host1/Admin(config-sticky-header)
#
To remove the sticky group from the configuration, enter:
host1/Admin(config)
# no sticky rtsp-header Session RTSP_GROUP
Related Commands
show running-config
show sticky database
(config-sticky-header) header
To configure the RTSP Session header offset and length, use the header command. Use the no form of this command to remove the RTSP Session header offset and length values from the configuration.
header offset number1 [length number2]
no header offset number1 [length number2]
Syntax Description
offset number1 |
Specifies the portion of the RTSP Session header that the ACE uses to stick the client on a particular server by indicating the bytes to ignore starting with the first byte of the RTSP header. Enter an integer from 0 to 999. The default is 0, which indicates that the ACE does not exclude any portion of the header. |
length number2 |
(Optional) Specifies the length of the portion of the RTSP header (starting with the byte after the offset value) that the ACE uses for sticking the client to the server. Enter an integer from 1 to 1000. The default is 1000. |
Command Modes
Sticky RTSP header configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
The ACE stores header offset and length values in the sticky table.
You can configure the ACE to use a portion of the RTSP header to make persistent connections to a specific server. To define the portion of the RTSP header that you want the ACE to use, you specify RTSP header offset and length values. The offset and length can vary from 0 to 1000 bytes. The ACE sticks the connection based on that portion of the RTSP header that starts with the byte after the offset value and ends with the byte specified by the offset plus the length. The total bytes represented by the header offset and length cannot exceed 1000.
Examples
To configure the header offset and length, enter:
host1/Admin(config-sticky-header
)# header offset 300 length 900
To remove the RTSP header offset and length values from the configuration, enter:
host1/Admin(config-sticky-header
)# no header offset 300 length 900
Related Commands
(config) sticky http-header
(config-sticky-header) replicate sticky
To instruct the ACE to replicate RTSP header sticky table entries on the standby ACE, use the replicate sticky command. Use the no form of this command to restore the ACE to its default of not replicating RTSP header sticky table entries.
replicate sticky
no replicate sticky
Syntax Description
This command has no keywords or arguments.
Command Modes
Sticky RTSP header configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
If you are using redundancy, you can configure the ACE to replicate RTSP header sticky table entries on the standby ACE so if a switchover occurs, the new active ACE can maintain existing sticky connections.
The timer of a sticky table entry on the standby ACE is reset every time the entry is synchronized with the active ACE entry. Thus, the standby sticky entry may have a lifetime up to twice as long as the active entry. However, if the entry expires on the active ACE or a new real server is selected and a new entry is created, the old entry on the standby ACE is replaced.
Examples
To instruct the ACE to replicate RTSP header sticky table entries on the standby ACE, enter:
host1/Admin(config-sticky-header
)# replicate sticky
To restore the ACE to its default of not replicating RTSP header sticky table entries, enter:
host1/Admin(config-sticky-header
)# no replicate sticky
Related Commands
(config) sticky rtsp-header
(config-sticky-header) serverfarm
To complete an RTSP header sticky group configuration, you must configure a server farm entry for the group. To configure a server farm entry for a sticky group, use the serverfarm command. Use the no form of this command to dissociate a server farm from a sticky group.
serverfarm name1 [backup name2 [sticky] [aggregate-state]]
no serverfarm
Syntax Description
name1 |
Identifier of an existing server farm that you want to associate with the sticky group. You can associate one server farm with each sticky group. Enter a name as an unquoted text string with no spaces and a maximum of 64 characters. |
backup name2 |
(Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm is unavailable, the ACE uses the configured backup server farm. The backup server farm becomes sticky when you enter the sticky keyword. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
sticky |
(Optional) Specifies that the backup server farm is sticky. |
aggregate-state |
(Optional) Specifies that the state of the primary server farm is tied to the state of all the real servers in that server farm and in the backup server farm, if configured. The ACE declares the primary server farm down if all real servers in the primary server farm and all real servers in the backup server farm are down. |
Command Modes
Sticky RTSP header configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
If all the servers in the primary server farm fail, the ACE sends all connections to the backup server farm. When the primary server farm comes back up (at least one server becomes active):
•
If the sticky option is enabled, then:
–
All new sticky connections that match existing sticky table entries for the real servers in the backup server farm are stuck to the same real servers in the backup server farm.
–
All new non-sticky connections and those sticky connections that do not have an entry in the sticky table are load balanced to the real servers in the primary server farm.
•
If the sticky option is not enabled, then the ACE load balances all new connections to the real servers in the primary server farm.
•
Existing non-sticky connections to the servers in the backup server farm are allowed to complete in the backup server farm.
You can fine-tune the conditions under which the primary server farm fails over and returns to service by configuring a partial server farm failover. For details about partial server farm failover, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine.
Examples
To associate a server farm with a sticky group and specify a sticky backup server farm, enter:
host1/Admin(config-sticky-header)# serverfarm SFARM1 backup BKUP_SFARM2 sticky
aggregate-state
To dissociate a server farm from a sticky group, enter:
host1/Admin(config-sticky-header)# no serverfarm
Related Commands
(config) serverfarm
(config) sticky rtsp-header
(config-sticky-header) static header-value
To configure a static header, use the static header-value command. Use the no form of this command to remove a static header from the configuration.
static header-value value rserver name [number]
no static header-value value rserver name [number]
Syntax Description
value |
Header value. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. You can enter a text string with spaces provided that you enclose the entire string in quotation marks ("). |
rserver name |
Specifies the hostname of an existing real server. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
number |
(Optional) Port number of the real server. Enter an integer from 1 to 65535. |
Command Modes
Sticky RTSP header configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
You can configure the ACE to use static header sticky entries based on the value of the RTSP Session header field and optionally, real server names and ports. Static sticky header values remain constant over time. You can configure multiple static header entries, but only one unique real-server name can exist for a given static header sticky value.
When you configure a static entry, the ACE enters it into the sticky table immediately. You can create a maximum of 4096 static sticky entries in the ACE.
Examples
To configure a static RTSP header sticky entry, enter:
host1/Admin(config-sticky-header)# static header-value 12345678 rserver SERVER1 3000
To remove the static RTSP header entry from the sticky table, enter:
host1/Admin(config-sticky-header)# no static header-value 12345678 rserver SERVER1 3000
Related Commands
(config) sticky rtsp-header
(config-sticky-header) timeout
To configure an RTSP header sticky timeout, use the timeout minutes command. Use the no form of this command to reset the sticky timeout to the default of 1440 minutes.
timeout {minutes | activeconns}
no timeout {minutes | activeconns}
Syntax Description
minutes |
Number of minutes that the ACE remembers the last real server to which a client made a sticky connection. Enter an integer from 1 to 65535. The default timeout value is 1440 minutes (24 hours). |
activeconns |
Specifies that sticky entries are timed out when the timer expires even if there are active connections. |
Command Modes
Sticky RTSP header configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
The sticky timeout specifies the period of time that the ACE keeps the RTSP header sticky information for a client connection in the sticky table after the latest client connection terminates. The ACE resets the sticky timer for a specific sticky-table entry each time that the ACE opens a new connection matching that entry.
By default, the ACE times out a sticky table entry when the timeout for that entry expires and no active connections matching that entry exist. To specify that the ACE time out RTSP header sticky table entries even if active connections exist after the sticky timer expires, use the timeout activeconns command.
Examples
To specify a timeout value of 720 minutes, enter:
host1/Admin(config-sticky-header
)# timeout 720
To reset the timeout to the default value of 1440 minutes (24 hours), enter:
host1/Admin(config-sticky-header
)# no timeout 720
To specify that the ACE time out RTSP header sticky table entries even if active connections exist after the sticky timer expires, enter:
host1/Admin(config-sticky-content)# timeout activeconns
To restore the ACE to its default of not timing out RTSP header sticky entries if active connections exist for those entries, enter:
host1/Admin(config-sticky-header
)# no timeout activeconns
Related Commands
(config) sticky rtsp-header
Sticky SIP Header Configuration Mode Commands
Sticky SIP header configuration mode commands allow you to create a SIP header sticky group to enable the ACE to stick client connections to the same real server based on the SIP Call-ID header field. To access sticky SIP header configuration mode, use the sticky sip-header command. The prompt changes to (config-sticky-header). Use the no form of this command to remove the sticky group from the configuration.
sticky sip-header name1 name2
no sticky sip-header name1 name2
Syntax Description
name1 |
SIP header field. The ACE supports only the SIP Call-ID header field for stickiness. Enter Call-ID. |
name2 |
Unique identifier of the SIP sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
Command Modes
Configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
The commands in this mode require the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine.
You can create a maximum of 4096 sticky groups in the ACE.
Examples
To create a group for SIP header stickiness, enter:
host1/Admin(config)
# sticky sip-header Call-ID SIP_GROUP
host1/Admin(config-sticky-header)
#
To remove the sticky group from the configuration, enter:
host1/Admin(config)
# no sticky sip-header Call-ID SIP_GROUP
Related Commands
show running-config
show sticky database
(config-sticky-header) replicate sticky
To instruct the ACE to replicate SIP header sticky table entries on the standby ACE, use the replicate sticky command. Use the no form of this command to restore the ACE to its default of not replicating SIP header sticky table entries.
replicate sticky
no replicate sticky
Syntax Description
This command has no keywords or arguments.
Command Modes
Sticky SIP header configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
If you are using redundancy, you can configure the ACE to replicate SIP header sticky table entries on the standby ACE so if a switchover occurs, the new active ACE can maintain existing sticky connections.
The timer of a sticky table entry on the standby ACE is reset every time the entry is synchronized with the active ACE entry. Thus, the standby sticky entry may have a lifetime up to twice as long as the active entry. However, if the entry expires on the active ACE or a new real server is selected and a new entry is created, the old entry on the standby ACE is replaced.
Examples
To instruct the ACE to replicate SIP header sticky table entries on the standby ACE, enter:
host1/Admin(config-sticky-header
)# replicate sticky
To restore the ACE to its default of not replicating SIP header sticky table entries, enter:
host1/Admin(config-sticky-header
)# no replicate sticky
Related Commands
(config) sticky sip-header
(config-sticky-header) serverfarm
To complete a SIP header sticky group configuration, you must configure a server farm entry for the group. To configure a server farm entry for a sticky group, use the serverfarm command. Use the no form of this command to dissociate a server farm from a sticky group.
serverfarm name1 [backup name2 [sticky] [aggregate-state]]
no serverfarm
Syntax Description
name1 |
Identifier of an existing server farm that you want to associate with the sticky group. You can associate one server farm with each sticky group. Enter a name as an unquoted text string with no spaces and a maximum of 64 characters. |
backup name2 |
(Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm is unavailable, the ACE uses the configured backup server farm. The backup server farm becomes sticky when you enter the sticky keyword. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
sticky |
(Optional) Specifies that the backup server farm is sticky. |
aggregate-state |
(Optional) Specifies that the state of the primary server farm is tied to the state of all the real servers in that server farm and in the backup server farm, if configured. The ACE declares the primary server farm down if all real servers in the primary server farm and all real servers in the backup server farm are down. |
Command Modes
Sticky SIP header configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
If all the servers in the primary server farm fail, the ACE sends all connections to the backup server farm. When the primary server farm comes back up (at least one server becomes active):
•
If the sticky option is enabled, then:
–
All new sticky connections that match existing sticky table entries for the real servers in the backup server farm are stuck to the same real servers in the backup server farm.
–
All new non-sticky connections and those sticky connections that do not have an entry in the sticky table are load balanced to the real servers in the primary server farm.
•
If the sticky option is not enabled, then the ACE load balances all new connections to the real servers in the primary server farm.
•
Existing non-sticky connections to the servers in the backup server farm are allowed to complete in the backup server farm.
You can fine-tune the conditions under which the primary server farm fails over and returns to service by configuring a partial server farm failover. For details about partial server farm failover, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine.
Examples
To associate a server farm with a sticky group and specify a sticky backup server farm, enter:
host1/Admin(config-sticky-header)# serverfarm SFARM1 backup BKUP_SFARM2 sticky
aggregate-state
To dissociate a server farm from a sticky group, enter:
host1/Admin(config-sticky-header)# no serverfarm
Related Commands
(config) serverfarm
(config) sticky sip-header
(config-sticky-header) static header-value
To configure a static header, use the static header-value command. Use the no form of this command to remove a static header from the configuration.
static header-value value rserver name [number]
no static header-value value rserver name [number]
Syntax Description
value |
SIP header value. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. You can enter a text string with spaces provided that you enclose the entire string in quotation marks ("). |
rserver name |
Specifies the hostname of an existing real server. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. |
number |
(Optional) Port number of the real server. Enter an integer from 1 to 65535. |
Command Modes
Sticky SIP header configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
You can configure the ACE to use static header sticky entries based on the value of the SIP Call-ID header field and optionally, real server names and ports. Static sticky header values remain constant over time. You can configure multiple static SIP header entries, but only one unique real-server name can exist for a given static SIP header sticky value.
When you configure a static entry, the ACE enters it into the sticky table immediately. You can create a maximum of 4096 static sticky entries in the ACE.
Examples
To configure a static SIP header sticky entry, enter:
host1/Admin(config-sticky-header)# static header-value 12345678 rserver SERVER1 3000
To remove the static SIP header entry from the sticky table, enter:
host1/Admin(config-sticky-header)# no static header-value 12345678 rserver SERVER1 3000
Related Commands
(config) sticky sip-header
(config-sticky-header) timeout
To configure a SIP header sticky timeout, use the timeout minutes command. Use the no form of this command to reset the sticky timeout to the default of 1440 minutes.
timeout {minutes | activeconns}
no timeout {minutes | activeconns}
Syntax Description
minutes |
Number of minutes that the ACE remembers the last real server to which a client made a sticky connection. Enter an integer from 1 to 65535. The default timeout value is 1440 minutes (24 hours). |
activeconns |
Specifies that sticky entries are timed out when the timer expires even if there are active connections. |
Command Modes
Sticky SIP header configuration mode
Admin and user contexts
Command History
|
|
A2(1.0) |
This command was introduced. |
|
|
A3(1.0) |
This command was introduced. |
Usage Guidelines
The sticky timeout specifies the period of time that the ACE keeps the SIP header sticky information for a client connection in the sticky table after the latest client connection terminates. The ACE resets the sticky timer for a specific sticky-table entry each time that the ACE opens a new connection matching that entry.
By default, the ACE times out a sticky table entry when the timeout for that entry expires and no active connections matching that entry exist. To specify that the ACE time out SIP header sticky table entries even if active connections exist after the sticky timer expires, use the timeout activeconns command.
Examples
To specify a timeout value of 720 minutes, enter:
host1/Admin(config-sticky-header
)# timeout 720
To reset the timeout to the default value of 1440 minutes (24 hours), enter:
host1/Admin(config-sticky-header
)# no timeout 720
To specify that the ACE time out SIP header sticky table entries even if active connections exist after the sticky timer expires, enter:
host1/Admin(config-sticky-content)# timeout activeconns
To restore the ACE to its default of not timing out SIP header sticky entries if active connections exist for those entries, enter:
host1/Admin(config-sticky-header
)# no timeout activeconns
Related Commands
(config) sticky sip-header