To configure an access interface for a server farm, use the access command in server farm configuration mode. To disable the access interface, use the no form of this command.

Syntax Description

Command Default

The server farm handles outbound flows from real servers on all interfaces.

Command Modes

Server farm configuration (config-slb-sfarm)

Command History

Usage Guidelines

The virtual server and its associated server farm interfaces must be in the same Virtual Private Network (VPN) routing and forwarding (VRF).

You can specify up to two access interfaces for each server farm. To do so, configure two access statements, keeping the following considerations in mind:

• The two interfaces must be in the same VRF.
• The two interfaces must be different from each other.
• The access interfaces of primary and backup server farms must be the same.
• You cannot change the interfaces for a server farm while it is in service.

If you do not configure an access interface using this command, IOS SLB installs the wildcards for the server farm in all of the available interfaces of the device, including the VRF interfaces. If IOS SLB is not required on the VRF interfaces, use this command to limit wildcards to the specified interfaces only.

Related Commands

To enable framed-IP routing to inspect the ingress interface, use the access command in virtual server configuration mode. To disable framed-IP routing, use the no form of this command.

Syntax Description

Command Default

Framed-IP routing cannot inspect the ingress interface.

Command Modes

Virtual server configuration (config-slb-vserver)

Command History

Usage Guidelines

This command enables framed-IP routing to inspect the ingress interface when routing subscriber traffic. All framed-IP sticky database entries created as a result of RADIUS requests to this virtual server will include the interface in the entry. In addition to matching the source IP address of the traffic with the framed-IP address, the ingress interface must also match this interface when this command is configured.

You can use this command to allow subscriber data packets to be routed to multiple service gateway service farms.

The virtual server and its associated server farm interfaces must be in the same Virtual Private Network (VPN) routing and forwarding (VRF).

You can specify up to two framed-IP access interfaces for each virtual server. To do so, configure two access statements, keeping the following considerations in mind:

• The two interfaces must be in the same VRF.
• The two interfaces must be different from each other.
• You cannot change the interfaces for a virtual server while it is in service.

If you do not configure an access interface using this command, IOS SLB installs the wildcards for the virtual server in all of the available interfaces of the device, including the VRF interfaces. If IOS SLB is not required on the VRF interfaces, use this command to limit wildcards to the specified interfaces only.

Related Commands

To configure an IP address to which to send custom User Datagram Protocol (UDP) probes, use the addresscommand in custom UDP probe configuration mode. To restore the default settings, use the no form of this command.

Syntax Description

Command Default

If the custom UDP probe is associated with a firewall farm, you must specify an IP address. If the custom UDP probe is associated with a server farm, and you do not specify an IP address, the address is inherited from the server farm real servers.

Command Modes

Custom UDP probe configuration (config-slb-probe)

Command History

Related Commands

To configure an IP address to which to send Domain Name System (DNS) probes, use the addresscommand in DNS probe configuration mode. To restore the default settings, use the no form of this command.

Syntax Description

Command Default

If the DNS probe is associated with a firewall farm, you must specify an IP address. If the DNS probe is associated with a server farm, and you do not specify an IP address, the address is inherited from the server farm real servers.

Command Modes

DNS probe configuration (config-slb-probe)

Command History

Related Commands

To configure an IP address to which to send HTTP probes, use the addresscommand in HTTP probe configuration mode. To restore the default settings, use the no form of this command.

Syntax Description

Command Default

If the HTTP probe is associated with a firewall farm, you must specify an IP address. If the HTTP probe is associated with a server farm, and you do not specify an IP address, the address is inherited from the server farm real servers.

Command Modes

HTTP probe configuration (config-slb-probe)

Command History

Related Commands

To configure an IP address to which to send ping probes, use the addresscommand in ping probe configuration mode. To restore the default settings, use the no form of this command.

Syntax Description

Command Default

If the ping probe is associated with a firewall farm, you must specify an IP address. If the ping probe is associated with a server farm, and you do not specify an IP address, the address is inherited from the server farm real servers.

Command Modes

Ping probe configuration (config-slb-probe)

Command History

Related Commands

To configure an IP address to which to send TCP probes, use the addresscommand in TCP probe configuration mode. To restore the default settings, use the no form of this command.

Syntax Description

Command Default

If the TCP probe is associated with a firewall farm, you must specify an IP address If the TCP probe is associated with a server farm, and you do not specify an IP address, the address is inherited from the server farm real servers.

Command Modes

TCP probe configuration (config-slb-probe)

Command History

Related Commands

To configure an IP address to which to send Wireless Session Protocol (WSP) probes, use the addresscommand in WSP probe configuration mode. To restore the default settings, use the no form of this command.

Syntax Description

Command Default

If the WSP probe is associated with a firewall farm, you must specify an IP address. If the WSP probe is associated with a server farm, and you do not specify an IP address, the address is inherited from the server farm real servers. In dispatched mode, the ip-address argument value is the same as the virtual server IP address. In directed Network Address Translation (NAT) mode, an IP address is unnecessary.

Command Modes

WSP probe configuration (config-slb-probe)

Command History

Related Commands

To control the installation of a static route to the Null0 interface for a virtual server address, use the advertise command in SLB virtual server configuration mode. To prevent the installation of a static route for the virtual server IP address, use the no form of this command.

Syntax Description

Command Default

The virtual server IP address is advertised. That is, a static route to the Null0 interface is installed for the virtual server IP addresses and it is added to the routing table. If you do not specify the activekeyword, the host route is advertised regardless of whether the virtual IP address is available.

Command Modes

SLB virtual server configuration (config-slb-vserver)

Command History

Usage Guidelines

Advertisement of a static route using the routing protocol requires that you configure redistribution of static routes for the routing protocol.

The advertise command does not affect virtual servers used for transparent web cache load balancing.

HTTP probes and route health injection require a route to the virtual server. The route is not used, but it must exist to enable the sockets code to verify that the destination can be reached, which in turn is essential for HTTP probes and route health injection to function correctly.

• For HTTP probes, the route can be either a host route (advertised by the virtual server) or a default route (specified using the ip route 0.0.0.0 0.0.0.0command, for example). If you specify either the no advertise or the advertise active command, you must specify a default route.
• For route health injection, the route must be a default route.

HTTP probes and route health injection can both use the same default route; you need not specify two unique default routes.

Related Commands

To identify a Dynamic Feedback Protocol (DFP) agent with which the IOS Server Load Balancing (IOS SLB) feature can initiate connections, use the agentcommand in SLB DFP configuration mode. To remove a DFP agent definition from the DFP configuration, use the no form of this command.

Syntax Description

Command Default

The default timeout is 0 seconds (no timeout). The default retry count is 0 (infinite retries). The default retry interval is 180 seconds.

Command Modes

SLB DFP configuration (config-slb-dfp)

Command History

Usage Guidelines

A DFP agent collects status information about the load capability of a server and reports that information to a load manager. The DFP agent may reside on the server, or it may be a separate device that collects and consolidates the information from several servers before reporting to the load manager.

The password specified in the ip slb dfp command for the DFP manager must match the password specified in the password command for the DFP agent.

You can configure up to 1024 agents.

Related Commands

To configure an ASCII regular expression string to be matched against the access point name (APN) for general packet radio service (GPRS) load balancing, use the apn command in SLB GTP map configuration mode. To delete the APN string, use the no form of this command.

Syntax Description

Command Default

None

Command Modes

SLB GTP map configuration (config-slb-gtp-map)

Command History

Usage Guidelines

For a given IOS SLB GTP map, you can configure up to 100 apn commands. However, we recommend you configure no more than 10 apn commands per map.

Related Commands

To configure a bind ID, use the bindidcommand inSLBserver farm configuration mode. To remove a bind ID from the server farm configuration, use the no form of this command.

Syntax Description

Command Default

The default bind ID is 0.

Command Modes

SLB server farm configuration (config-slb-sfarm)

Command History

Usage Guidelines

You can configure one bind ID on each bindid command.

The bind ID allows a single physical server to be bound to multiple virtual servers, and to report a different weight for each one. Thus, the single real server is represented as multiple instances of itself, each having a different bind ID. Dynamic Feedback Protocol (DFP) uses the bind ID to identify for which instance of the real server a given weight is specified.

In general packet radio service (GPRS) load balancing, bind IDs are not supported. Therefore do not use the bindidcommand in a GPRS load-balancing environment.

Related Commands

To configure an ASCII regular expression string to be matched against the calling station ID attribute for RADIUS load balancing, use the calling-station-id command in SLB RADIUS map configuration mode. To delete the calling station ID match string, use the no form of this command.

Syntax Description

Command Default

None

Command Modes

SLB RADIUS map configuration (config-slb-radius-map)

Command History

Usage Guidelines

For a given IOS SLB RADIUS map, you can configure a single calling-station-id command or a single username (IOS SLB) command, but not both.

Related Commands

To clear Feature Manager (FM) IOS Server Load Balancing (IOS SLB) counters, use the clear fm slb counterscommand in privileged EXEC mode.

Syntax Description

Command Default

FM IOS SLB counters are not cleared.

Command Modes

Privileged EXEC (#)

Command History

Related Commands

To clear the IP IOS Server Load Balancing (IOS SLB) connections, use the clear ip slb connections command in privileged EXEC mode.

Syntax Description

Command Default

The IOS SLB connection database is cleared for all firewall farms, server farms, and virtual servers.

Command Modes

Privileged EXEC (#)

Command History

Usage Guidelines

In general packet radio service (GPRS) load balancing, the clear ip slb connections command clears connections, but does not clear sessions.

Related Commands

To clear the IP IOS Server Load Balancing (IOS SLB) counters, use the clear ip slb counterscommand in privileged EXEC mode.

Syntax Description

Command Default

IP IOS SLB counters are not cleared.

Command Modes

Privileged EXEC (#)

Command History

Related Commands

To clear the IP IOS Server Load Balancing (IOS SLB) sessions database, use the clear ip slb sessionscommand in privileged EXEC mode.

Syntax Description

Command Default

If no optional keywords or arguments are specified, the IOS SLB sessions database is cleared of all firewall farms, server farms, and virtual servers.

Command Modes

Privileged EXEC (#)

Command History

Related Commands

To clear an entry from an IOS Server Load Balancing (IOS SLB) Access Service Network (ASN) Mobile Station ID (MSID) sticky database, use the clear ip slb sticky asn msidcommand in privileged EXEC mode.

Syntax Description

Command Default

None

Command Modes

Privileged EXEC (#)

Command History

Usage Guidelines

When you use this command to clear an entry from the IOS SLB ASN MSID sticky database, the session is not cleared; it lingers until it times out. (The session timeout is configured by using the idle command in SLB virtual server configuration mode; the default timeout is 60 seconds.) To clear the session manually, use the clear ip slb sessions command in privileged EXEC mode.

Related Commands

To clear entries from an IOS Server Load Balancing (IOS SLB) general packet radio service (GPRS) Tunneling Protocol (GTP) International Mobile Subscriber ID (IMSI) sticky database, use the clear ip slb sticky gtp imsicommand in privileged EXEC mode.

Syntax Description

Command Default

If you enter this command without the optional IMSI ID, all entries are cleared from the IOS SLB GTP IMSI sticky database.

Command Modes

Privileged EXEC (#)

Command History

Usage Guidelines

When you use this command to clear an entry from the IOS SLB GTP IMSI sticky database, the session is not cleared; it lingers until it times out. (The session timeout is configured by using the idle command in SLB virtual server configuration mode; the default timeout is 30 seconds.) If the same user tries to create a new Packet Data Protocol (PDP) context before the session times out, using the same Network Service Access Point Identifier (NSAPI) but a different access point name (APN), IOS SLB forwards the request to the old server farm, even though the new APN should lead to a different server farm. To avoid this problem, clear the session manually by using the clear ip slb sessions command in privileged EXEC mode.

Related Commands

To clear entries from a IOS Server Load Balancing (IOS SLB) RADIUS sticky database, use the clear ip slb sticky radiuscommand in privileged EXEC mode.

Syntax Description

Command Default

If no optional arguments are specified, all entries are cleared from the IOS SLB RADIUS calling-station-ID sticky database or framed-IP sticky database.

Command Modes

Privileged EXEC (#)

Command History

Usage Guidelines

When you use this command to clear an entry from the IOS SLB RADIUS calling-station-ID sticky database, the session is not cleared; it lingers until it times out. (The session timeout is configured by using the idle command in SLB virtual server configuration mode; the default timeout is 30 seconds.) If the same user tries to create a new Packet Data Protocol (PDP) context before the session times out, using the same Network Service Access Point Identifier (NSAPI) but a different access point name (APN), IOS SLB forwards the request to the old server farm, even though the new APN should lead to a different server farm. To avoid this problem, clear the session manually by using the clear ip slb sessions command in privileged EXEC mode.

Related Commands

To define which clients are allowed to use the virtual server, use the clientcommand in Server Load Balancing (SLB) virtual server configuration mode. To remove a client definition from the SLB configuration, use the no form of this command.

Syntax Description

Command Default

The default client IPv4 address is 0.0.0.0 (all clients). The default client IPv4 network mask is 0.0.0.0 (all subnets). Taken together, the default is client 0.0.0.0 0.0.0.0 (allows all clients on all subnets to use the virtual server). If you specify gtp carrier-code and you do not specify a code, the virtual server accepts PDP context creates from any IMSI carrier code.

Command Modes

SLB virtual server configuration (config-slb-vserver)

Command History

Usage Guidelines

You can use more than one client command to define more than one client.

The netmask value is applied to the source IPv4 address of incoming connections. The result must match the ipv4-address value for the client to be allowed to use the virtual server.

If you configure probes in your network, you must also do one of the following:

• Configure the exclude keyword on the client command on the virtual server to exclude connections initiated by the client IPv4 address from the load-balancing scheme.
• Configure IPv4 addresses on the IOS SLB device that are Layer 3-adjacent to the real servers used by the virtual server.

Configure separate client commands to specify the clients that can use the virtual server, and to specify the IMSI carrier code from which the virtual server is to accept PDP context creates.

Dual-stack support for GTP load balancing does not support this command.

Related Commands

To configure basic authentication values for the HTTP IOS Server Load Balancing (IOS SLB) probe, use the credentialscommand in HTTP probe configuration mode. To remove a credentials configuration, use the no form of this command.

Syntax Description

Command Default

Basic authentication values for the HTTP IOS SLB probe are not configured.

Command Modes

HTTP probe configuration (config-slb-probe)

Command History

Related Commands

To change the amount of time the IOS Server Load Balancing (IOS SLB) maintains TCP connection context after a connection has terminated, use the delaycommand in firewall farm TCP protocol configuration mode. To restore the default delay timer, use the no form of this command.

Syntax Description

Command Default

The default duration is 10 seconds.

Command Modes

Firewall farm TCP protocol configuration (config-slb-fw-tcp)

Command History

Usage Guidelines

The delay timer allows out-of-sequence packets and final acknowledgments (ACKs) to be delivered after a TCP connection ends. Do not set this value to zero (0).

If you are configuring a delay timer for HTTP flows, choose a low number such as 5 seconds as a starting point.

Related Commands

To change the amount of time IOS Server Load Balancing (IOS SLB) maintains TCP connection context after a connection has terminated, use the delaycommand in SLB virtual server configuration mode. To restore the default delay timer, use the no form of this command.

Syntax Description

Command Default

The default duration for the TCP connection context is 10 seconds. The default duration for the RADIUS framed-ip sticky database is 10 seconds.

Command Modes

SLB virtual server configuration (config-slb-vserver)

Command History

Usage Guidelines

The TCP connection context delay timer allows out-of-sequence packets and final acknowledgments (ACKs) to be delivered after a TCP connection ends. Do not set this value to zero (0).

If you are configuring a TCP connection context delay timer for HTTP flows, choose a low number such as 5 seconds as a starting point.

For the Home Agent Director, the delay command has no meaning and is not supported.

Related Commands

To configure a status code or regular expression to expect information from the HTTP probe, use the expectcommand in HTTP probe configuration mode. To restore the default settings, use the no form of this command.

Syntax Description

Command Default

The default expected status code is 200. There is no default expected regular expression.

Command Modes

HTTP probe configuration (config-slb-probe)

Command History

Usage Guidelines

The expect command configures the expected status code or regular expression to be received from the servers. A real server is considered to have failed and is taken out of service if any of the following events occurs:

• A status number other than the expected one is received.
• The expected regular expression is not received in the first 2920 bytes of probe output. (IOS Server Load Balancing [IOS SLB] searches only the first 2920 bytes for the expected status code or regular expression.)
• The server fails to respond.

For IOS SLB firewall load balancing, configure the HTTP probe to expect status code 40l.

Related Commands

To configure the IOS Server Load Balancing (IOS SLB) feature’s behavior when a firewall fails, use the failaction command in firewall farm configuration mode.

Syntax Description

Command Default

If you do not specify the failactioncommand, IOS SLB does not automatically remove connections to failed firewalls.

Command Modes

Firewall farm configuration (config-slb-fw)

Command History

Usage Guidelines

This command is useful for applications that do not rotate the source port (such as Internet Key Exchange [IKE]), and for protocols that do not have ports to differentiate flows (such as Encapsulation Security Payload [ESP]).

To configure IOS Server Load Balancing (IOS SLB) feature’s behavior when a real server fails, use the failaction command in server farm configuration mode. To restore the default settings, use the no form of this command.

Syntax Description

Command Default

If you do not specify the failactioncommand, IOS SLB does not perform the following actions:

• Remove connections to failed real servers
• Remove connections to objects associated with failed real servers
• Remove ASN or GPRS sticky objects (IOS SLB continues to assign new session requests to the failed real servers)
• Reassign RADIUS sticky objects

Command Modes

Server farm configuration (config-slb-sfarm)

Command History

Usage Guidelines

This command is useful for applications that do not rotate the source port (such as Internet Key Exchange [IKE]), and for protocols that do not have ports to differentiate flows (such as Encapsulation Security Payload [ESP]).

You can specify no failaction purge, but it has no effect on the connection database.

If you specify failaction radius reassign, IOS SLB reassigns RADIUS sticky objects without seeing any new RADIUS messages. The assumption is that, in the event of a failure, the RADIUS proxy gateways can handle user flows without seeing the RADIUS messages. If the RADIUS proxy gateways cannot do so, do not specify the failaction radius reassign command.

To specify the number of consecutive unacknowledged custom User Datagram Protocol (UDP) probes that constitute failure of the real server, use the faildetectcommand in custom UDP probe configuration mode. To restore the default values that indicate a server failure, use the no form of this command.

Syntax Description

Command Default

The default value is one (1) unacknowledged probe.

Command Modes

Custom UDP probe configuration (config-slb-probe)

Command History

Related Commands

To specify the conditions that indicate a server failure, use the faildetectcommand in DNS probe configuration mode. To restore the default values that indicate a server failure, use the no form of this command.

Syntax Description

Command Default

The default value is three (3) unacknowledged DNS probes.

Command Modes

DNS probe configuration (config-slb-probe)

Command History

Related Commands

To specify the conditions that indicate a server failure, use the faildetectcommand in ping probe configuration mode. To restore the default values that indicate a server failure, use the no form of this command.

Syntax Description

Command Default

The default value is ten (10) unacknowledged pings.

Command Modes

Ping probe configuration (config-slb-probe)

Command History

Related Commands

To enable automatic server failure detection, use the faildetect inbandcommand in real server configuration mode. To disable automatic server failure detection, use the no form of this command.

Syntax Description

This command has no arguments or keywords.

Command Default

Automatic server failure detection is enabled.

Command Modes

Real server configuration (config-slb-real)

Command History

Usage Guidelines

If you have configured all-port virtual servers (that is, virtual servers that accept flows destined for all ports except GTP ports), flows can be passed to servers for which no application port exists. When the servers reject these flows, Cisco IOS SLB might fail the servers and remove them from load balancing. This situation can also occur in slow-to-respond AAA servers in RADIUS load-balancing environments. To prevent this situation, you can disable automatic server failure detection using the no faildetect inband command.

Note	If you disable automatic server failure detection using the no faildetect inband command, Cisco strongly recommends that you configure one or more probes. If you specify the no faildetect inband command, the faildetect numconns command is ignored, if specified.

Related Commands

To specify the conditions that indicate a real server failure, use the faildetect numconnscommand in SLB real server configuration mode. To restore the default values that indicate a server failure, use the no form of this command.

Syntax Description

Command Default

If you do not specify the faildetect numconnscommand, the default value of the connection failure threshold is 8. If you specify the faildetect numconnscommand but do not specify the numclients keyword, the default value of the client connection failure threshold is 2.

Command Modes

SLB real server configuration (config-slb-real)

Command History

Usage Guidelines

If you specify the no faildetect inband command, the faildetect numconns command is ignored, if specified.

IOS SLB does not fail the real server until both of the following conditions are met:

• There have been number-of-connsconsecutive connection failures.
• There have been number-of-clients unique client connection failures.

That is, there can be many consecutive connection failures, but until there have also been number-of-clients unique client connection failures, IOS SLB does not fail the real server.

Similarly, there can be many unique client connection failures, but until there have also been number-of-conns consecutive connection failures, IOS SLB does not fail the real server.

GPRS load balancing has the following features:

• The numconns keyword specifies the number of consecutive Create Packet Data Protocol (PDP) requests allowed before IOS SLB fails the gateway GPRS support node (GGSN).
• The numclients keyword specifies the number of unique client Create PDP request failures allowed before IOS SLB fails the GGSN.

Related Commands

To specify a weight to be used by the IOS SLB KeepAlive Application Protocol (KAL-AP) agent when calculating the load value for a server farm, use the farm-weightcommand in server farm configuration mode. To restore the default weight value, use the no form of this command.

Syntax Description

Command Default

If you do not configure a KAL-AP farm weight, IOS SLB calculates a relative weight.

Command Modes

Server farm configuration (config-slb-sfarm)

Command History

Usage Guidelines

Configuring a farm-weight enables KAL-AP to calculate loads more accurately when load balancing in a global server load balancing (GSLB) environment.

For best results, configure a farm-weight that is equal to the sum of the maximum DFP weights for the real servers in the server farm. (The maximum DFP weight for a real server is configured using the gprs dfp max-weightcommand in global configuration mode.) For example, if there are three real servers in a server farm, configured with maximum DFP weights of 100, 50, and 50, then configure a farm-weight of 200 (that is, 100 + 50 + 50). If a real server is added to or removed from the server farm, you must adjust the farm-weight accordingly.

Related Commands

To limit the number of times IOS SLB can reassign a session to a new real server for GGSN-IOS SLB messaging, use the gtp notification caccommand in virtual server configuration mode. To restore the default limit, use the no form of this command.

Syntax Description

Command Default

The default is 2 reassignments (that is, the initial real server assignment and 2 additional reassignments).

Command Modes

Virtual server configuration (config-slb-vserver)

Command History

Related Commands

To enable IOS SLB to create general packet radio service (GPRS) Tunneling Protocol (GTP) load-balancing sessions, use the gtp session command in SLB virtual server configuration mode. To disable the creation of GTP sessions by IOS SLB, (the sticky-only load-balancing solution), use the no form of this command.

Syntax Description

This command has no arguments or keywords.

Command Default

IOS SLB creates GTP load-balancing sessions. Sticky-only load-balancing is disabled.

Command Modes

SLB virtual server configuration (config-slb-vserver)

Command History

Usage Guidelines

Sticky-only load balancing is supported for all versions of GTP.

If sticky-only load balancing (no gtp session) is enabled for GTP:

• IOS SLB load-balances GTP Packet Data Protocol (PDP) create requests based on the sticky objects in the GTP International Mobile Subscriber ID (IMSI) sticky database.
• Sticky connections must also be enabled for the virtual server, using the sticky (virtual server)command.
• Automatic server failure detection (the faildetect inband command) is not supported. Instead, use probes to detect real server failures.

Related Commands

To specify the port that the Cisco Broadband Wireless Gateway (BWG) is to use to communicate with IOS SLB, use the gw port command in SLB virtual server configuration mode. To restore the default settings, use the no form of this command.

Syntax Description

Command Default

No port number is defined.

Command Modes

SLB virtual server configuration (config-slb-vserver)

Command History

Usage Guidelines

The Cisco BWG uses this port when sending delete notifications and NAI update messages to IOS SLB.

If multiple communication ports are needed, the network administrator must identify multiple unique unused ports.

Related Commands

To change the amount of time IOS Server Load Balancing (IOS SLB) waits for an ACCT-START message from a new Mobile IP foreign agent in the event of a foreign agent hand-off, use the hand-off radiuscommand in virtual server configuration mode. To restore the default hand-off timer, use the no form of this command.

Syntax Description

Command Default

No default behavior or values.

Command Modes

Virtual server configuration (config-slb-vserver)

Command History

Usage Guidelines

The hand-off radius timer is valid only for RADIUS virtual servers that have the service radiuskeywords specified on the virtual command.

Related Commands

To configure the basic authentication values for the HTTP probe, use the headercommand in HTTP probe configuration mode. To remove a header HTTP probe configuration, use the no form of this command.

Syntax Description

Command Default

The following headers are inserted in the request by default:

Accept: */* Connection: close User-Agent: cisco-slb-probe/1.0 Host: virtual IP address

Command Modes

HTTP probe configuration (config-slb-probe)

Command History

Usage Guidelines

The headercommand in HTTP probe configuration mode configures the name and value parameters of the header.

Note	The colon ( : ) separating the field name and field value is automatically inserted if not provided. Multiple headers with the same name are not supported.

Related Commands

To specify the minimum time IOS Server Load Balancing (IOS SLB) maintains connection information in the absence of packet activity, use the idle command in firewall farm datagram protocol configuration mode. To restore the default idle duration value, use the no form of this command.

Syntax Description

Command Default

The default idle duration is 3600 seconds.

Command Modes

Firewall farm datagram protocol configuration (config-slb-fw-udp)

Command History

Related Commands

To specify the minimum time IOS Server Load Balancing (IOS SLB) maintains connection information in the absence of packet activity, use the idle command in firewall farm TCP protocol configuration mode. To restore the default idle duration value, use the no form of this command.

Syntax Description

Command Default

The default idle duration is 3600 seconds.

Command Modes

Firewall farm TCP protocol configuration (config-slb-fw-tcp)

Command History

Usage Guidelines

If a client sends a TCP packet that is not a sequence number (SYN) or reset (RST) packet, and IOS SLB does not have a TCP connection object in its table (possibly due to expiration of the idle timer), IOS SLB sends a TCP RST to the client.

If you are configuring an idle timer for HTTP flows, choose a low number such as 120 seconds as a starting point. A low number ensures that the IOS SLB connection database maintains a manageable size if problems at the server, client, or network result in a large number of connections. However, do not choose a value under 60 seconds; such a low value can reduce the efficiency of IOS SLB.

Related Commands

To specify the minimum time the IOS Server Load Balancing (IOS SLB) maintains connection information in the absence of packet activity, use the idle command in SLB virtual server configuration mode. To restore the default idle duration value, use the no form of this command.

Syntax Description

Command Default

The default idle duration is:

• 60 seconds in ASN load balancing.
• 60 seconds for objects in the ASN MSID sticky database.
• 0 seconds for objects in the GTP IMSI sticky database.
• 10 seconds in the Home Agent Director
• 30 seconds in GPRS load balancing
• 30 seconds for RADIUS entries in the IOS SLB session database
• 7200 seconds for entries in the IOS SLB RADIUS framed-IP sticky database
• 3600 seconds (1 hour) in all other environments

The default setting for the query keyword is no queries.

The default setting for the max-queries argument is 5 queries.

Command Modes

SLB virtual server configuration (config-slb-vserver)

Command History

Usage Guidelines

If a client sends a TCP packet that is not a sequence number (SYN) or reset (RST) packet, and IOS SLB does not have a TCP connection object in its table (possibly due to expiration of the idle timer), IOS SLB sends a TCP RST to the client.

If you are configuring an idle timer for HTTP flows, choose a low number such as 120 seconds as a starting point. A low number ensures that the IOS SLB connection database maintains a manageable size if problems at the server, client, or network result in a large number of connections. However, do not choose a value under 60 seconds (except in GPRS load balancing); such a low value can reduce the efficiency of the IOS SLB feature.

In most environments, the idle timer times out data paths. However, in GPRS load balancing, it times out the session context for signaling paths (not data paths).

In GPRS load balancing without GTP cause code inspection enabled, you must specify an idle timer greater than the longest possible interval between PDP context requests on the serving GPRS support node (SGSN). The longest interval can be expressed using the following algorithm:

Longest interval = T3 x 2(N3-2)

where T3 is the SGSN’s T3-RESPONSE counter value and N3 is the SGSN’s N3-REQUESTS counter value.

For example, if the T3-RESPONSE counter value is 3 and the N3-REQUESTS counter value is 6, then:

Longest interval = 3 x 2(6-2) = 3 x 2(4) = 3 x 16 = 48 seconds

Given those values, you must specify an idle timer of at least 49 seconds.

Related Commands

To enable the Dynamic Feedback Protocol (DFP) agent for communication with a DFP manager, use the inservice command in DFP agent configuration mode. To remove the DFP agent from service, use the no form of this command.

Syntax Description

This command has no arguments or keywords.

Command Default

The DFP agent is inactive.

Command Modes

DFP agent configuration (config-dfp)

Command History

Usage Guidelines

A DFP agent is inactive until both of the following conditions are met:

• The DFP agent has been enabled using the inservice (DFP agent) command.
• The client subsystem has changed the DFP agent’s state to ACTIVE.

When you use the no form of this command to remove a DFP agent from service, the DFP agent closes all open connections, and no new connections are assigned.

Related Commands

To enable the firewall farm for use by IOS Server Load Balancing (IOS SLB), use the inservicecommand in firewall farm configuration mode. To remove the firewall farm from service, use the no form of this command.

Syntax Description

Command Default

The firewall farm is defined to IOS SLB but is not used.

Command Modes

Firewall farm configuration (config-slb-fw)

Command History

Usage Guidelines

When you use the no form of this command to remove a firewall farm from service, the firewall farm acquiesces gracefully. No new connections are assigned, and existing connections are allowed to complete.

Related Commands

To enable the firewall for use by IOS Server Load Balancing (IOS SLB), use the inservicecommand in firewall farm real server configuration mode. To remove the firewall from service, use the no form of this command.

Syntax Description

This command has no arguments or keywords.

Command Default

The firewall is defined to IOS SLB but is not used.

Command Modes

Firewall farm real server configuration (config-slb-fw-real)

Command History

Usage Guidelines

IOS SLB firewall load balancing uses probes to detect failures. Therefore, if you have not configured a probe, the firewall is not placed in service.

When you use the no form of this command to remove a firewall from service, the firewall acquiesces gracefully. No new connections are assigned, and existing connections are allowed to complete.

Related Commands

To enable the real server for use by IOS Server Load Balancing (IOS SLB), use the inservicecommand in SLB server farm real server configuration mode. To remove the real server from service, use the no form of this command.

Syntax Description

This command has no arguments or keywords.

Command Default

The real server is defined to IOS SLB but is not used.

Command Modes

SLB server farm real server configuration (config-slb-sfarm-real)

Command History

Related Commands

To enable the virtual server for use by IOS Server Load Balancing (IOS SLB), use the inservicecommand in SLB server farm virtual server configuration mode. To remove the virtual server from service, use the no form of this command.

Syntax Description

Command Default

The virtual server is defined to IOS SLB but is not used.

Command Modes

SLB server farm virtual server configuration (config-slb-vserver)

Command History

Usage Guidelines

When you use the no form of this command to remove a virtual server from service, the virtual server acquiesces gracefully. No new connections are assigned, and existing connections are allowed to complete.

If the active keyword is configured, and all of the real servers that are associated with the virtual server are inactive, the following actions occur:

• The virtual server is placed in the INOP_REAL state.
• An SNMP trap is generated for the virtual server’s state transition.
• The virtual server stops answering ICMP requests.

Related Commands

To configure a custom User Datagram Protocol (UDP) probe interval, use the intervalcommand in custom UDP probe configuration mode. To remove a custom UDP probe interval configuration, use the no form of this command.

Syntax Description

Command Default

The default custom UDP probe interval value is 10 seconds.

Command Modes

Custom UDP probe configuration (config-slb-probe)

Command History

Related Commands

To configure a Dynamic Feedback Protocol (DFP) agent weight recalculation interval, use the intervalcommand in DFP agent configuration mode. To restore the default setting, use the no form of this command.

Syntax Description

Command Default

The default interval value is 10 seconds.

Command Modes

DFP agent configuration (config-dfp)

Command History

Usage Guidelines

The DFP agent sends a new weight to the DFP manager only if the new weight is different from the old weight. If the new weight is the same as the old weight, it is not sent to the DFP manager.

Related Commands

To configure a DNS probe interval, use the intervalcommand in DNS probe configuration mode. To remove a DNS probe interval configuration, use the no form of this command.

Syntax Description

Command Default

The default DNS probe interval value is 10 seconds.

Command Modes

DNS probe configuration (config-slb-probe)

Command History

Related Commands

To configure an HTTP probe interval, use the intervalcommand in HTTP probe configuration mode. To remove an HTTP probe interval configuration, use the no form of this command.

Syntax Description

Command Default

The default HTTP probe interval value is 8 seconds.

Command Modes

HTTP probe configuration (config-slb-probe)

Command History

Related Commands

To configure a ping probe interval, use the intervalcommand in ping probe configuration mode. To remove a ping probe interval configuration, use the no form of this command.

Syntax Description

Command Default

The default ping probe interval value is 1 second.

Command Modes

Ping probe configuration (config-slb-probe)

Command History

Related Commands

To configure a TCP probe interval, use the intervalcommand in TCP probe configuration mode. To remove a TCP probe interval configuration, use the no form of this command.

Syntax Description

Command Default

The default TCP probe interval value is 10 seconds.

Command Modes

TCP probe configuration (config-slb-probe)

Command History

Related Commands

To configure a Wireless Session Protocol (WSP) probe interval, use the intervalcommand in WSP probe configuration mode. To remove a WSP probe interval configuration, use the no form of this command.

Syntax Description

Command Default

The default WSP probe interval value is 8 seconds.

Command Modes

WSP probe configuration (config-slb-probe)

Command History

Related Commands

To identify a Dynamic Feedback Protocol (DFP) agent subsystem and enter DFP agent configuration mode, use the ip dfp agentcommand in global configuration mode. To remove the DFP agent identification, use the no form of this command.

Syntax Description

Command Default

No DFP agent subsystem is defined.

Command Modes

Global configuration (config)

Command History