Jump to content


Photo

Grr SF loadbalancing

Started by Mic Kraan , 15 March 2017 - 09:08 AM
4 replies to this topic

Mic Kraan Members

Mic Kraan
  • 3 posts

Posted 15 March 2017 - 09:08 AM

Ok here we go, i have read up on some of the same posts on here.

 

I have 2 SF servers (3.11) and  a netscaler (10.5).

SF configuration - standard store with netscaler configured and a callback

 

If using one SF server everything is ok (doesn't matter if i use SF1 or SF2)

However when I put it in a LB situation I get the famous - CDS event id 17 (sticky load-balancing between client and SF is misconfigured).

Now I get this error on both SF servers if in LB but as soon as I remove one server it is all back in working order.

 

I checked all certificates and can browse everything without a cert error, i checked netscaler and the application firewall is not enabled.

XML is set on the Delivery Controllers.

 

Now as a Callback on the netscaler I created a NG added the Cert the Authentication the SSL parameters, however i still have a question as to what would be good policies to set for a VIP callback ?

 

 



Carl Stalhood CTP Member

Carl Stalhood
  • 11,788 posts

Posted 15 March 2017 - 11:08 AM

What persistence is configured on your load balancing vServer?

Callback shouldn't have anything to do with persistence. If you created a separate Gateway vServer for callback, it doesn't need any config except for cert.

Mic Kraan Members

Mic Kraan
  • 3 posts

Posted 15 March 2017 - 10:12 PM

Hi 

 

thanks for replying Carl, 

Persistence is SOURCEIP / time-out: 20

 

Regarding NG vServer I should only have a new server with a Cert (for report purpose can I still disable sslv3)

 

Cheers



Carl Stalhood CTP Member

Carl Stalhood
  • 11,788 posts

Posted 15 March 2017 - 10:24 PM

Yes.

Mic Kraan Members

Mic Kraan
  • 3 posts

Posted 15 March 2017 - 11:39 PM

Currently within traffic- mgmt / Load Balancing / Services I have the two SF servers i used the protocol SSL, I have read in some posts that they use TCP with port 443.

 

Could this cause the error (and therefor the famous can't complete request) ?

 

Kind Regards




Also tagged with one or more of these keywords: storefront, netscaler, loadbalance