Quantcast
Channel: Technical Support - KEMP Technologies Community Forums
Viewing all 104 articles
Browse latest View live

Help configuring ethernet bonding or using eth2?

March 29, 2013, 7:42 am
$
0
0
I currently have 1 firewall, 1 Kemp Load Master 2000, 2 switches, and 5
servers. eth0 is being used for the connection between the firewall and
the load master is is configured for the 10.10.10.0/24 network. Eth1 is
configured for the 10.0.0.0/16 network and is currently hooked up to one
of the switches which connects all the servers that use the 10.0.0.0/16
network together. eth1 currently has the IP 10.0.0.1 and all of the
servers on the 10.0.0.0/16 network use this as their gateway.

I'd
like to be able to hook Eth2 up to the second switch and hook this up
to all the second NICs on the servers (This is supported on the servers
via NIC Teaming on windows server 2012 currently). I have tried to bond
eth1 and eth2 together using active-backup, but the bonded device
management screen says no ports available. What am I doing wrong? Also
could I just use eth2 as an extra connection like on a switch? Does it
matter if I give it the same IP as eth1 or can I just give it an IP on
the 10.0.0.0/16 netwok? Will this work with all the servers configured
to use 10.0.0.1 as the gateway? Let me know if this is clear as mud.
Search

Drain stopping Remote Desktop Layer 4

April 2, 2013, 5:43 am
$
0
0
Hi,
 
We have a couple of LM-2600's load balancing Remote Desktop on layer 4. We're not using layer 7 due do the restriction of 9 characters in the username in the initial RDP package, which leads to uneaven load balancing when most of our remote desktop users have long and quite similar usernames. 
Anyway, back to the question :-)   
I've read your reply in this discussionbut can't seem to figure out where to set the default drain stop timeout for layer 4?

Besides missing this feature, we are very satisfied owners of the Kemps. 

Best regards
Christian

Load Balancing IIS 8

April 8, 2013, 6:12 am
$
0
0
Evaluating Virtual Load Balancer's and trying to get simple setup of 3 IIS 8 Servers to work with Kemp

Can directly reach each Server stand alone using there IP addresses

VS IP address is in the same subnet but can not get it to work via this IP nmap show port as listening

Same setup with Zen Load Balancer works fine

Any idea's what I could be missing or need to try

How to use one Virtual Service for http and https request

September 13, 2012, 1:22 am
$
0
0
Hello,

I would like to use One Virtual Service for http and https request. It's the only solution for me to give the persistent session between http and https request for one customer session.
 
With my old loadbalancer (loadbalancer.org), I create iptables filter like this ==>

iptables -t mangle -A PREROUTING - tcp -d 192.168.0.98 --dport 80 -j MARK --set-mark 98
iptables -t mangle -A PREROUTING - tcp -d 192.168.0.98 --dport 443 -j MARK --set-mark 98

After I create a new virtual Service with this settings :
  • Virtual Address ==> 98
  • Protocole  : FWM
Do you think it 's possible to have the same settings with my Kemp virtual machine ?

Thank you very much for your help and sorry for my english ....

SNMP doesn't accept special characters

April 11, 2013, 10:18 am
$
0
0
Just wanted to confirm that I'm not the only one experiencing this. Setting up a new appliance for a proof of concept and when configuring their company SNMP community string, it tells me it's invalid. 

I assume this means that it won't accept special characters in the setup which seems strange because a lot of organizations use these characters for security purposes.

Can someone please confirm and/or assist?

Using the option "fail on match" for redirecting from http to https

April 19, 2013, 2:02 am
$
0
0
Hi,
where have the requirement to redirect from a http-vs to a https-vs for special strings. We solve this issue with content switching in connection with "Not Available Redirection Handling" (error code "302", redirect url "https://%h%s"). Because of the maximum length of the "match string" field in the content rules, we don't use a negated content matching rule with all the urls/string which only should by available for https but we use positive rules for all strings/urls which should by available over http. Of course this is big configuration overhead...

Now we are evaluating Load master V6.0-44 where the content rule configuration offers the opton "Fail on match". I interpret the option this way that, if I define a rule which applies to a request, the real server where the rule is assigned to will not be responsible for the request. That would mean we could define one rule per string which should force a https request by defining a positive content matching rule with the option "fail on match" activated. I tried this configuration, but unfortunately no redirect to https was executed.

Do I misunderstand this option or is it possible to use this option for defining several rules for redirecting to https?

Thanks in advance
Sebastian

Problems with Content Switching Rule

April 19, 2013, 11:05 am
$
0
0
Hello,

we implemented "virtual hosting" via  kemp lb, i.e. we have one public ip with serveral domain-names and route the traffic via kemp (6.0.44) to 2 different backend servers which have different webservices on different ports.

i.e.
domain-a -> vip 1.2.3.4 -> backendserver1:portX (weight 1000) backendserver2:portX (weight 1)
domain-b -> vip 1.2.3.4 -> backendserver1:porty (weight 1000) backendserver2:portY (weight 1)

and so on.

we added content switching rules for the different domains (header check for "Host:" (virtual host) (e.g. ^domain-a$  regex)  and observe strange behaviour. we first thought that a proxy server involved was the culprit, but in a long debug session we found that kemp lb conent-switching goes wrong, i.e. the request for domain-a is "switched" to the backend for domain-b.

for our curiousity, we can NOT reproduce this behaviour from different normal IPs, but whenever the regest originates from the companies central proxy server, we opserve that the kemp is doing wrong - i.e. the request going into the kemp is correct, but the request going from the kemp to the backend is routed to the wrong destination. it looks the content rule engine is on error.

are there any known issues with content switching or did anybody observe something similar ?


regards
Roland

Health check failure

April 24, 2013, 6:49 pm
$
0
0
We've recently been attempting to migrate from a one-arm configuration to a two-arm configuration.  We currently have two Exchange 2010 CAS/HUB servers, one on the same subnet as the LB and one on a new subnet.  

After enabling the CAS Box on the new subnet it appears to work as it should.  I can confirm a connection from OWA to this specific CAS Box and send an email.  Looking at the headers on the receiving end, transparency appears to work correctly since I can see the source IP address is not the LB.  Unfortunately after a few minutes the health check fails and removes the virtual services.  A few seconds later it comes back online.  It repeats the same steps every few minutes.

Log file entries:

Apr 25 05:05:19 EX2K10LB l4d: RS 172.16.9.xx:443 re-enabled on VS 172.16.0.xx:443(Ex2k10 HTTPS)
Apr 25 05:05:19 EX2K10LB l4d: RS 172.16.9.xx:* re-enabled on VS 172.16.0.xx:*(RPC CA)
Apr 25 05:15:04 EX2K10LB l4d: Removing RS 172.16.9.xx:443 from VS 172.16.0.xx:443(Ex2k10 HTTPS) - Timeout waiting for connection
Apr 25 05:15:04 EX2K10LB l4d: VS 172.16.0.xx:443(Ex2k10 HTTPS) Taken out of service due to failed Real Servers
Apr 25 05:15:04 EX2K10LB l4d: Removing RS 172.16.9.xx:* from VS 172.16.0.xx:*(RPC CA) - Timeout waiting for connection
Apr 25 05:15:04 EX2K10LB l4d: VS 172.16.0.xx:*(RPC CA) Taken out of service due to failed Real Servers
Apr 25 05:15:30 EX2K10LB l4d: Adding RS 172.16.9.xx:443 to VS 172.16.0.xx:443(Ex2k10 HTTPS)
Apr 25 05:15:30 EX2K10LB l4d: VS 172.16.0.xx:443(Ex2k10 HTTPS) Back in normal service
Apr 25 05:15:30 EX2K10LB l4d: Adding RS 172.16.9.xx:* to VS 172.16.0.xx:*(RPC CA)
Apr 25 05:15:30 EX2K10LB l4d: VS 172.16.0.xx:*(RPC CA) Back in normal service

Any ideas?

Thanks in advance.

Search

Examples of content regex rules

April 25, 2013, 7:49 am
$
0
0
We've been trying to build some slightly more advanced regex expressions to do content switching with.

So we can get this basic rule to work
^/wx$ to grab something directed straight at /wx
and this 
^/wx/*$ to grab everything /wx/whatever

But we don't want to get anything what would be either not exactly /wx or /wx/something so for instance if there was wxstuff it would not redirect.

Can I do this in a single rule, we've been working with standard regex and are unable to get it to behave.

Would be interested if anyone would have some more advanced rules they'd be willing to share.


Real Server TCP Connection only check - causing aborted MySQL connections

February 11, 2013, 1:19 pm
$
0
0
We have 2 MySQL servers that operate on the standard port of 3306. These servers are on a separate network from the loadmasters, so we are required to use the Force L7 (without transparency) to be able to add Real Servers on "remote addresses". 

Using these settings, we are able to connect to our MySQL servers without any issues. However, our MySQL servers are reporting "aborted_connects" (aborted connections) very regularly (one every 10 seconds or so). I have found our that it is the LoadMaster "Real Server Check" that is causing this issue. I confirmed this by disabling one real server and these aborted connections stop happening.  We are currently using the "TCP Connection Only" as the real server checking option as it is the only way we can make sure the 3306 port is responding. I can't use ICMP since it will not tell me about the specific MySQL port on 3306.

Is there any way that we can force the LoadMaster to close its TCP connections correctly or check the real servers in such a way that will not cause MySQL to detect an aborted connection?

how to config lbs2600 to loadbalance wowza media server

December 4, 2012, 4:09 am
$
0
0
how to config lbs2600 to loadbalance wowza media server

we have 2 wowza media server and this is config

image

Wowza Media Server - Kemp Load Balancing

May 14, 2013, 7:33 am
$
0
0
Hi,

Hoping someone can help. We are currently running two Wowza Media Servers and would like to try load balance these.

Has anyone else managed to successfully do this using Kemp Technologies?

Active connections on disabled 'Real Server'. (Exchange 2010)

April 16, 2013, 3:46 am
$
0
0
Hi all,

We have a Virtual Service for all MAPI endpoint Outlook 2010 connections to our 3 x CAS Servers.  I want to perform some maintenance on CAS-2 so I have clicked Disable yet 3 days later (over weekend) I still see active connections on this server.  This is validated by running netstat -b | Findstr <VIP> on the CAS-2. I can see many instances of Outlook connections on the VIP.

Can anyone help?

image

image
image

changing URL

May 22, 2013, 3:27 am
$
0
0
Hi,

I am having problems with changing a url on our Kemp.

I am trying to achieve the following

mywebsite:81 -> mynewwebsite   - i have this work including appending whatever the proceeding string is. I use a redirect rule to achieve this

mywebsite:81/project -> ourprojects  - this one is proving more difficult. i have tried a modify url rule but having no luck.

Is it possible to create rules as above given that the first rule changes mywebsite:81 to mynewwebsite already?

Regards,

Nicky.

URL Redirection

May 27, 2013, 6:57 am
Search

HA configuration or GEO-LM needed?

March 25, 2013, 11:22 am
$
0
0
We have two datacenters. These are 1 km away from each other with latency of <1ms.

In both datacenters servers are connected to a Cisco switch.

The servers in both datacenters are in one subnet (stretched VLAN over the datacenters) and all servers (in both sites) have the same subnet addressing and default gateway.



We want to configure Load Balancing in a site-redundant configuration, spread over the two datacenters.

Can we deploy a pair of Load Masters in a HA configuration (active / passive), or is a pair of GEO Load Masters required?

SIP load balancing

May 29, 2013, 11:26 am
$
0
0
I am trying to see if Kemp load balancers can handle SIP servers. I would like to deploy several SIP (Audiocodes Mediant 2000) servers behind the Kemp load balancer if possible. I do not see options in the virtual server menu to enter range of UDP ports required for the data to pass through. Is there any way to make it work?

Rewrite shortname to fqdn

May 29, 2013, 7:35 am
$
0
0

I am trying to figure out how to rewrite http://hostname/* to http://hostname.domain.com/*. I have attempted url rewrite and host header rewrites but neither seems to be doing the job.

 I couldn't find this scenario when I searched the forums or the doc but it is something we do via apache often so I am hoping content switching can handle it.

Persistence Mode Selected Header

June 3, 2013, 3:14 pm
$
0
0
I'm having some difficulty getting the persistence mode of Selected Header to work the way I think it should. I'm running version 6.0-42 (Hyper-V).

I have Persistence set to Selected Header, Timeout set to 1 minute and Header field name set to the name of a custom header that is being added to all of the HTTP traffic.
I thought that traffic would switch between real servers when the value in the custom header changed but that is not the case. The only time a switch seems to happen is when the timeout is reached.

Am I wrong in thinking that HTTP traffic should switch between real servers when the value in the header changes?

Thanks,
~MIke

LM TCP Proxy

June 5, 2013, 3:22 am
$
0
0
Hi,
is it possible to configure the Loadmaster as follow:

The Virtual IP addresses should be available on both the WAN and LAN
side. Clients coming from the Internet or intranet can access the
database or web Service. On the LAN side, the web servers can access the
database Service.


Viewing all 104 articles
Browse latest View live
Search