Solved

configuring a CSS 11501 for node deactivation

Posted on 2006-11-09
9
351 Views
Last Modified: 2012-08-13
I have a 2-node cluster and I need to disable traffic from going to my second node. Please advice.

I have noticed that if I ping my virtual IP address from one node, it always sends traffic to the other node. If I disable 1 node, will traffic be sent to the node if that node is the one sending the traffic? Or if only one node exists, then that node is the one that will receive the traffic regardless of the traffic?

This is super urgent hence the prize.

Regards,
0
Comment
Question by:rolutola
  • 5
  • 4
9 Comments
 
LVL 43

Expert Comment

by:JFrederick29
ID: 17908421
The CSS will load balance and provide redundancy based on the status of the services.  If a service is down because of a failed keepalive, the CSS will only direct traffic to the node that is alive.  So, to disable traffic from going to the second node, suspend the second node service on the CSS.
0
 
LVL 16

Author Comment

by:rolutola
ID: 17909076
Do I need only to remove from content, service, group or should it suffice to just suspend a service? Do you have a sample config?

Thanks.
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 17909130
You should be able to just simply suspend the service which will mark the service as "suspended".  The CSS will no longer send traffic to the server defined in the suspended service.  I'm assuming your content rule has two services in it so the other "active" service will only be used.

You should be able to simply do the following to suspend the service:

conf t
service <service name>
suspend
0
 
LVL 16

Author Comment

by:rolutola
ID: 17913277
Thanks. Please tell me the following 2 things:

1. How do I disable TCP monitoring for a node?
2. How do I configure the load balancer to return immediately to the calling client?

Many thanks.
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 43

Expert Comment

by:JFrederick29
ID: 17913583
1.  When you say TCP monitoring, I assume you mean a TCP keepalive?  If so, change the keepalive type to none "keepalive type none".  Be aware that if you do not use a keepalive the service is always "alive" regardless of the state of the server so traffic will be forwarded to it regardless.  Of course this only applies to servers that are load balanced or redundant.

2.  I'm not sure what you mean.  The CSS will "proxy" the TCP handshake and once complete, the CSS will forward the request to the backend server.  This should be immediate.
0
 
LVL 16

Author Comment

by:rolutola
ID: 17928649
1. I don't know what it means. These are instructions for installing Oracle with a load balancer and the installation has been causing me no end of problems so I just want to make sure I stick to the isntructions as closely as possible to eliminate likely causes of problems. The instruction says ensure you disable TCP monitoring for the node I'm installing on.

2. Again, the instruction tells me to configure my load balancer so that it returns to the calling client immediately. I have seen the adverse effcet of not doing this because one of my components time-out and actually fails during the installation so this is obviously essential.

Thanks.
0
 
LVL 43

Accepted Solution

by:
JFrederick29 earned 500 total points
ID: 17929245
1.  Okay, sounds like a keepalive to me.  Set the keepalive to none on the service (keepalive type none).

2.  I'm still not sure that is something configurable and may not apply to the CSS (if a generic recommendation).

If you take load balancing out of the picture and attempt this connectivity directly to the server (not the VIP), does it work?
0
 
LVL 16

Author Comment

by:rolutola
ID: 17929823
This is for installation purpose. Yes if I run the installation with the virtual server host pointing to the local IP, it works well, but if I use the content switch VIP, this particular component times-out hence the instruction to retun to the calling client immediately. Does that help?
0
 
LVL 16

Author Comment

by:rolutola
ID: 17993924
I bypassed the content switch for my installation since I had a couple of unresolved unknowns and the installation completed successfully. However, I now need to point to virtual hosts to my content switch.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now