From: Wargo, Edwin (EWargo@greenwichtech.com)
Date: Fri Nov 22 2002 - 15:52:48 GMT-3
Tim,
Not knowing your exact configuration on the CSSs and DNS, there's a whole
host of issues with GSLB. Cookies and SSL add a dynamic to the issue.
Also, the application has to also share state (know that you've logged in to
it at another location). Also, DNS has to be set up correctly (it seems
like it is in your case).
As you've seen in the traces, there's a lot of moving pieces that occur for
the browser to be redirected to another site. The most significant initial
change is DNS (VIP of the servers). Then a new session has to be initiated
with that server (cookies/SSL/user authentication). Even after all that, you
may not be placed back into the area in the app where you left it at the
other site (the app/web servers would have to share state too). I don't
think I've ever seen a clean, seamless cutover from the browser perspective.
Usually, existing user's will need to do some reloading and additional
logging-in while new users shoudn't be affected at all. The good news is
that user's can still access content on your site - keeps the SLA's met :)
I hope that helps.
Edwin
-----Original Message-----
From: Tim Devries
To: 'ccielab@groupstudy.com'
Sent: 11/22/02 12:25 PM
Subject: OT: CSS 11500 Adaptive session redundancy
I know this is somewhat OT for this list, but there are a lot of smart
people and CCIE's on this list, so I thought I might pose a question:
Is it possible to configure Adaptive session redundancy on css11500's
located in different datacenters? (I.E. no layer 2 connection between
content switches, a lan extension between datacenters located 1000+km's
away
is not feasible)
The reason I ask is I've configured my 11800's for global load balancing
according to this link:
http://www.cisco.com/en/US/products/hw/contnetw/ps789/products_configura
tion
_example09186a008009438a.shtml
However, it seems Cisco is embellishing when it says, "Unplug (or
suspend)
all the servers on the French CSS. Click on a link on the page. The CSS
has
redirected the browser seamlessly to a server on the remote CSS." In
fact,
this is not what happens.
When I unplug the servers at one location, and click a link in my app, I
get
a page cannot be displayed error, and doing a netstat -n on my machine
shows
that a SYN is being sent to the downed location. Opening a new browser
and
inserting the link does direct me to the location that is up, so I can
verify that the APP session between switches is exchanging the correct
DNS
info. This is far from 'seamless' though.
According to that link, when I disconnect the servers at the 'hot' site,
I
should be seamlessly redirected to the servers behind the CSS at the
'warm'
site.
Doing a packet analysis on the transaction (from the point of downing
the
services to clicking the link), shows that my browser is attempting to
connect to the dns address it received when it first connected to the
site
at the 'hot' datacenter. Seeing as how the servers are down at that
location, I get a page cannot be displayed. When I open a new browser I
get
the new dns entry, and of course am redirected to the new location.
However, Cisco promised 'seamless failover' (i.e. within a browser
window),
and it has not delivered on this, so I am wondering if there is another
way
to accomplish this. From what I can tell about ASR it looks like the
switches cannot be geographically seperated if they want to maintain
state,
but perhaps someone else out there has encountered a similar issue with
Cisco products and found a solution?
This archive was generated by hypermail 2.1.4 : Tue Dec 03 2002 - 07:23:09 GMT-3