Table Of Contents
Managing Other Features in CVDM-CSM
Understanding Fault Tolerance
Configuring Fault Tolerance
Editing Fault Tolerance Configuration
Understanding Scripts
Viewing Scripts
Loading Scripts
Switch Tab
Network
Viewing Environment Variables
Understanding XML Configuration
Viewing XML Configuration
Editing XML Configuration
Managing Other Features in CVDM-CSM
CVDM-CSM provides the following features that you can access from the Miscellaneous page:
•
Understanding Fault Tolerance
• Understanding Scripts
• Viewing Environment Variables
• Understanding XML Configuration
Understanding Fault Tolerance
From the Fault Tolerance dialog box, you can do the following:
•Configure active and standby CVDM-CSMs, fault tolerant VLANs, and parameters like failover time and heartbeat time.
•Set priority for any CVDM-CSM.
In the secure (router) mode, the client-side and server-side VLANs provide the fault-tolerant (redundant) connection paths between the CVDM-CSM and routers on the client side, and the servers on the server side. In a redundant configuration, two CSMs perform active and standby roles. Each CSM contains the same IP, virtual server, server pool, and real server information. From the client-side and server-side networks, each CSM is configured identically. The network sees the fault-tolerant configuration as a single CSM.
Two CSMs can be configured in a fault-tolerant mode to share state information about user sessions and provide connection redundancy. When the active CSM fails, open connections are handled by the standby CSM without interruption, and users experience hitless failover.
Fault-tolerant configuration can be done with two CSMs in two Cisco Catalyst 6500 Series devices or in a single chassis. Configuration can also be done in either the secure (router) mode or non-secure (bridge) mode.
Configuring fault tolerance requires the following:
•Two CSMs that are installed in the same or different Catalyst 6500 series chassis.
•Identically configured CSMs. One CSM is configured as active; the other is configured as standby.
•Each CSM connected to the same client-side and server-side VLANs.
•Communication between the CSMs provided by a shared private VLAN.
•A network that sees the redundant CSMs as a single entity.
Related Topics:
• Configuring Fault Tolerance
• Editing Fault Tolerance Configuration
Configuring Fault Tolerance
Note Click the Enable button to enable fault tolerance configuration in CVDM-CSM. The Enable button then toggles to Disable and the Edit button is enabled, allowing changes to the fault tolerance configuration values. To disable fault tolerance configuration, click the Disable button.
Figure 11-1 Fault Tolerance Window
Step 1 Click Setup from the task bar, then click Miscellaneous in the Setup pane.
Step 2 Select Fault Tolerance from the object selector. The Fault Tolerance dialog box appears, displaying the following columns.
Column
|
Description
|
Group ID
|
ID of the fault-tolerant group. Both CSMs must have the same group ID.
|
VLAN ID
|
ID of the VLAN over which heartbeat messages are sent. Both CSMs must have the same VLAN ID.
|
Failover Time
|
Amount of time for a standby CSM to wait before becoming active.
|
Heartbeat Time
|
Interval (in seconds) between heartbeat transmissions.
|
Priority
|
Priority of a CSM.
|
Preempt
|
Lets you know that a higher priority CSM will take control of a fault-tolerant group when it comes online.
|
From this dialog box, you can do the following:
•Click Edit to edit the fault tolerance configuration. For more information, see "Editing Fault Tolerance Configuration" section.
•Click Disable to disable the fault tolerance configuration in CVDM-CSM.
Editing Fault Tolerance Configuration
Note The Edit button is enabled only when you enable fault tolerance configuration in CVDM-CSM.
Step 1 Click Setup from the task bar, then click Miscellaneous in the Setup pane.
Step 2 Select Fault Tolerance from the object selector.
Step 3 Click Edit. The Fault Tolerance Configuration dialog box appears, displaying the following columns.
Column
|
Description
|
Group ID
|
Enter the ID of the fault-tolerant group. Both CSMs must have the same group ID.
|
VLAN ID
|
Enter the ID of the VLAN over which heartbeat messages are sent. Both CSMs must have the same VLAN ID.
|
Failover Time
|
Enter the failover time. It is the amount of time for a standby CSM to wait before becoming active.
|
Heartbeat Time
|
Enter the interval (in seconds) between heartbeat transmissions.
|
Priority
|
Enter the priority of the CSM.
|
Preempt
|
Specify Yes or No to allow a higher priority CSM to take control of a fault-tolerant group when it comes online.
|
Understanding Scripts
CVDM-CSM allows you to upload and execute Toolkit Command Language (TCL) scripts. You can customize scripts to develop health probes or standalone tasks. The CVDM-CSM executes the scripts at regular intervals.
There are two basic types of scripts in CVDM-CSM:
•Health-monitoring scripts—You can write these scripts using some simple rules. The health-monitoring module controls the execution of these scripts. When a script is a part of a script probe, it executes periodically. The script indicates the relative health and availability of specific real servers.
•Standalone scripts—These are generic TCL scripts which can execute a single task. You can control the execution of these scripts by configuring them.
Related Topics:
• Viewing Scripts
• Loading Scripts
Viewing Scripts
You can load scripts onto the CVDM-CSM through script files. A script file may contain zero, one, or more scripts.
Figure 11-2 Scripts Window
Step 1 Click Setup from the task bar, then click Miscellaneous in the Setup pane.
Step 2 Select Scripts from the object selector. The Scripts dialog box appears, displaying the following columns:
Column
|
Description
|
State column (far-left column)
|
Displays the state of the script. Depending on its state the color of the icon beside the script will change. For more details on what the color of the icon represents, see Table 11-1.
|
Filename
|
Specifies the filename of the script
|
Script Name
|
Specifies the scripts in the file.
|
Load Time
|
Specifies the time at which you loaded the script.
|
Table 11-1 describes the status of the scripts based on the color of the icons.
Table 11-1 Color Scheme for Script Status
Icon
|
Color
|
Description
|
|
Green
|
Specifies that the script is loaded in CVDM-CSM.
|
|
Red
|
Specifies that the script is loaded but not configured in CVDM-CSM.
|
|
Gray
|
Specifies that the script is not loaded in CVDM-CSM.
|
From this dialog box, you can do the following:
•Select a script from the table and click the Script Names.. button to see the list of associated script names of the script file.
•Click Load to load your scripts. For more information, see Loading Scripts.
•Click Reload to reload your scripts. This button will be disabled for the scripts that are not loaded (gray icon) in CVDM-CSM.
When you reload the scripts which are in the green and/or red state, CVDM-CSM prompts you for confirmation and reloads the corresponding scripts.
Based on the commands in the CLI, CVDM-CSM will first remove the configuration of the script and then reconfigure it.
•Click Delete to disable the scripts that are in the green and grey states. This button will be disabled for the scripts which are in the red state.
Note You cannot delete scripts; you can only disable them.
When you click Delete, CVDM-CSM prompts you for confirmation and disables the corresponding script.
Loading Scripts
You can load scripts from the switch or from network devices like FTP, TFTP or RCP servers. A script file may contain zero, one, or more scripts. A script remains in the system after you load it. You cannot remove them but you can modify them.
Note Every script should have a unique name. If two or more scripts have identical names, then the last loaded script will be in the system.
Step 1 Click Setup from the task bar, then click Miscellaneous in the Setup pane.
Step 2 Select Scripts from the object selector.
Step 3 Click Load to load your scripts. The Load Script dialog box appears with the following tabs:
•Switch (for information on loading scripts from the Switch tab, see Switch Tab.
•Network (for information on loading scripts from the Network tab, see Network.
Switch Tab
Step 1 Click Switch tab to load scripts from the switch.
Do one of the following:
•To load the scripts from bootflash, choose bootflash from the list.
•To load the scripts from the switch supervisor engine bootflash, choose sup-bootflash.
•To load the scripts from CVDM-CSM hard disk, choose disk0 from the list.
•To load the scripts from the NVRAM, choose nvram from the list.
The following columns appear under the Switch tab:
Column
|
Description
|
File
|
Specifies the filename of the script.
|
Load
|
Select this check box to load the required script.
|
Network
Step 1 Click the Network tab to load scripts from network devices like FTP, TFTP, or RCP servers.
The different server types are:
•FTP
•TFTP
•RCP
Step 2 Do one of the following:
•To load the scripts from the FTP server, choose FTP from the list. For information, see FTP.
•To load the scripts from the TFTP server, choose TFTP from the list. For information, see TFTP.
•To load the scripts from the RCP server, choose RCP from the list. For information, see RCP.
FTP
To load a script from a FTP server, you have to enter the following information:
Column
|
Description
|
FTP Server IP Address
|
IP address of the FTP server.
|
Username
|
Name of the credentials user.
|
Password
|
Password for the credentials user.
|
Filename
|
Specifies the filename of the script.
|
TFTP
To load a script from a TFTP server, you have to enter the following information:
Column
|
Description
|
TFTP Server IP Address
|
IP address of the TFTP server.
|
Filename
|
Specifies the filename of the script
|
RCP
To load a script from an RCP server, enter the following information:
Column
|
Description
|
RCP Server IP Address
|
IP address of the RCP server.
|
Username
|
Name of the credentials user.
|
File Name
|
Specifies the filename of the script
|
Viewing Environment Variables
You can configure CVDM-CSM environment variables and see the values of the configured variables.
Figure 11-3 Environment Variables Window
To see the list of environment variables used by the CVDM-CSM:
Step 1 Click Setup from the task bar, then click Miscellaneous in the Setup pane.
Step 2 Select Environment Variables from the object selector.
The Environment Variables dialog box appears with the following variables.
Name
|
Default Value
|
Valid Values
|
Description
|
ARP_INTERVAL
|
300
|
Integer (15 to 31536000)
|
Time (in seconds) between ARP requests for configured hosts.
|
ARP_LEARNED_INTERVAL
|
14400
|
Integer (60 to 31536000)
|
Time (in seconds) between ARP requests for learned hosts.
|
ARP_GRATUITOUS_INTERVAL
|
15
|
Integer (10 to 31536000)
|
Time (in seconds) between gratuitous ARP requests.
|
ARP_RATE
|
10
|
Integer (1 to 60)
|
Time (in seconds) between ARP retries.
|
ARP_RETRIES
|
3
|
Integer (2 to 15)
|
Number of ARP attempts before flagging a host as down.
|
ARP_LEARN_MODE
|
1
|
Integer (0 to 1)
|
Indicates whether the CSM learns MAC addresses on responses only (0) or all traffic (1).
|
ARP_REPLY_FOR_NO_INSERVICE_VIP
|
0
|
Integer (0 to 1)
|
Indicates whether the CSM will reply to ARP for an out-of-service virtual server.
|
ADVERTISE_RHI_FREQ
|
10
|
Integer (1 to 65535)
|
Frequency (in seconds) at which the CSM checks for RHI updates.
|
AGGREGATE_BACKUP_SF_STATE_TO_VS
|
0
|
Integer (0 to 1)
|
Specifies whether to include the operational state of a backup server farm in the state of a virtual server.
|
COOKIE_INSERT_EXPIRATION_DATE
|
Fri, 1
Jan 2010 01:01:50 GMT
|
String (2 to 63 chars)
|
Configures the expiration time and date for the HTTP cookie inserted by the CSM.
|
CSM_FAST_FIN_TIMEOUT
|
10
|
Integer (10 to 65535)
|
Timeout (in seconds) for connection reset after FIN is detected.
|
DEST_UNREACHABLE_MASK
|
65535
|
Integer (0 to 65535)
|
Bitmask that defines the ICMP destination unreachable codes to be forwarded.
|
FT_FLOW_REFRESH_INT
|
15
|
Integer (1 to 65535)
|
Interval (in seconds) for the FT slow path flow refresh.
|
GSLB_LICENSE_KEY
|
(no valid license)
|
String (1 to 63 chars)
|
License key string that enables the Global Server Load Balancing (GSLB) feature.
|
GSLB_KALAP_PROBE_FREQ
|
45
|
Integer (45 to 65535)
|
Frequency of GSLB KAL-AP probes.
|
GSLB_KALAP_PROBE_RETRIES
|
3
|
Integer (1 to 65535)
|
Maximum number of retries for GSLB KAL-AP probes.
|
GSLB_KALAP_UDP_PORT
|
5002
|
Integer (1 to 65535)
|
GSLB KAL-AP UDP port number.
|
GSLB_ICMP_PROBE_FREQ
|
45
|
Integer (45 to 65535)
|
Frequency of GSLB ICMP probes.
|
GSLB_ICMP_PROBE_RETRIES
|
3
|
Integer (1 to 65535)
|
Maximum number of retries for GSLB ICMP probes.
|
GSLB_HTTP_PROBE_FREQ
|
45
|
Integer (45 to 65535)
|
Frequency of GSLB HTTP probes.
|
GSLB_HTTP_PROBE_RETRIES
|
3
|
Integer (1 to 65535)
|
Maximum retries for GSLB HTTP probes.
|
GSLB_DNS_PROBE_FREQ
|
45
|
Integer (45 to 65535)
|
Frequency of GSLB Domain Name System (DNS) probes.
|
GSLB_DNS_PROBE_RETRIES
|
3
|
Integer (1 to 65535)
|
Maximum retries for GSLB DNS probes.
|
HTTP_CASE_SENSITIVE_MATCHING
|
1
|
Integer (0 to 1)
|
Specifies whether the URL (cookie, header) matching and sticky are case sensitive.
|
HTTP_URL_COOKIE_DELIMITERS
|
/?&#+
|
String (1 to 64 chars)
|
Configures the list of delimiter characters for cookies in the URL string.
|
INBAND_STATE_CHANGED_MSG_RATE
|
4
|
Integer (0 to 32)
|
Maximum number of log messages per second, when the real server changed state within inband.
|
INFINITE_IDLE_TIME_MAXCONNS
|
1024
|
Integer (1 to 4294967295)
|
Maximum number of connections with infinite idle timeout.
|
MSTS_RDP_VIP_LIST
|
—
|
String (0 to 256 chars)
|
List of Virtual IP (VIPs) supporting MSTS-RDP protocol.
|
MAX_PARSE_LEN_MULTIPLIER
|
1
|
Integer (1 to 16)
|
Multiplies the configured maximum parse length by this amount.
|
MAX_VSERVERS_PER_VIP
|
10
|
Integer (7 to 10)
|
Configures the maximum limit for virtual servers having the same IP address. It is represented in powers of 2.
|
NAT_CLIENT_HASH_SOURCE_PORT
|
0
|
Integer (0 to 1)
|
Specifies whether to use the source port to select the client NAT IP address.
|
NO_RESET_UNIDIRECTIONAL_FLOWS
|
0
|
Integer (0 to 1)
|
Specifies that unidirectional flows need not be reset when timed out.
|
REAL_SLOW_START_ENABLE
|
3
|
Integer (0 to 10)
|
Disables or enables the Slow Start feature with an average number of connections sent to the slow start server. It is represented in powers of 2.
|
ROUTE_UNKNOWN_FLOW_PKTS
|
0
|
Integer (0 to 1)
|
Specifies whether to route non-SYN packets that do not match any existing flows
|
SASP_CSM_UNIQUE_ID
|
Cisco-CSM
|
String (3 to 63 chars)
|
Text identifier of this CSM to GWM running Server/Application State Protocol (SASP).
|
SASP_FIRST_BIND_ID
|
65520
|
Integer (1 to 65525)
|
Treat Dynamic Feedback Protocol (DFP) bind_ids as SASP IDs starting at this value.
|
SASP_GWM_BIND_ID_MAX
|
1
|
Integer (0 to 8)
|
Maximum number of GWMS/bind_ids using SASP.
|
SASP_SCALE_WEIGHTS
|
0
|
Integer (0 to 12)
|
Scale SASP weights by N; a value of 12 means the range corresponds with the CVDM-CSM range.
|
SECURE_HTTP_PORT
|
443
|
Integer (1 to 65535)
|
HTTPS server port number.
|
SECURE_HTTP_PRIV_KEY_FILE
|
—
|
String (0 to 256 chars)
|
Private key file used by the HTTPS server.
|
SECURE_HTTP_SSL_METHOD
|
0
|
Integer (0 to 3)
|
SSL version used by the HTTPS server.
|
SECURE_HTTP_TFTP_HOST_IPADDRESS
|
—
|
String (0 to 16 chars)
|
IP address of TFTP server that contains the HTTP server certificates.
|
SECURE_HTTP_SERVER_CERTIFICATE
|
—
|
String (0 to 256 chars)
|
Certificate file used by the HTTPS server.
|
SECURE_SASP_ENABLE
|
0
|
Integer (0 to 1)
|
Enables secure SASP.
|
SECURE_SASP_PRIV_KEY_FILE
|
—
|
String (0 to 256 chars)
|
Private key file used by the SASP client.
|
SECURE_SASP_SSL_METHOD
|
0
|
Integer (0 to 3)
|
SSL version used by the secure SASP client.
|
SECURE_SASP_SERVER_CERTIFICATE
|
—
|
String (0 to 256 chars)
|
Certificate file used by the SASP client.
|
SECURE_SASP_TFTP_HOST_IPADDRESS
|
—
|
String (0 to 16 chars)
|
IP address of TFTP server that contains the SASP client certificates.
|
SSL_DEFAULT_STICKY
|
0
|
Integer (0 to 1)
|
Stick to source IP sticky upon receipt of an unknown or BAD SSL format.
|
SWITCHOVER_RP_ACTION
|
0
|
Integer (0 to 1)
|
Specifies whether to recover (0) or halt/reboot (1) after a supervisor engine Route Processor (RP) switchover occurs.
|
SWITCHOVER_SP_ACTION
|
0
|
Integer (0 to 1)
|
Specifies whether to recover (0) or halt/reboot (1) after a supervisor engine SP switchover occurs.
|
SYN_COOKIE_INTERVAL
|
3
|
Integer (1 to 60)
|
Specifies the interval (in seconds at which a new syn-cookie key is generated.
|
SYN_COOKIE_THRESHOLD
|
5000
|
Integer (0 to 1048576)
|
Specifies the threshold (in number of pending sessions) at which syn-cookie is engaged.
|
TCP_ACCEPT_RST_EQU_NEXT_GET_SEQ
|
0
|
Integer (0 to 1)
|
Specifies if CVDM-CSM will immediately close connections, when it receives Reset (RST) that has Sequence# equal (but not less than) the Sequence# of the next expected HTTP request header.
|
TCP_MSS_OPTION
|
1460
|
Integer (1 to 65535)
|
Specifies the maximum segment size (MSS) value sent by CSM for layer 7 processing.
|
TCP_WND_SIZE_OPTION
|
8192
|
Integer (1 to 65535)
|
Specifies the window size value sent by CSM for layer 7 processing.
|
VSERVER_ICMP_ALWAYS_RESPOND
|
false
|
String (1 to 5 chars)
|
If the response is true, the CSM responds to ICMP probes regardless of the state of the virtual server.
|
XML_CONFIG_AUTH_TYPE
|
Basic
|
String (5 to 6 chars)
|
Specifies the HTTP authentication type for xml-config. It can be:
•Basic
•Digest
|
From this dialog box, you can do the following functions:
•Select an environment variable and click Edit to edit its value.
•Click Restore Defaults to set the environment variable values to their defaults values.
Understanding XML Configuration
With XML, you can configure the CVDM-CSM using a Document Type Definition (DTD) rather than the IOS command line interface (CLI).
Related Topics:
• Viewing XML Configuration
• Editing XML Configuration
Viewing XML Configuration
Note Click the Enable button to enable XML configuration in CVDM-CSM. The Enable button then toggles to Disable and the Edit button is enabled, allowing changes to the XML configuration values. To disable XML configuration, click the Disable button.
Figure 11-4 XML Configuration Window
Step 1 Click Setup from the task bar, then click Miscellaneous in the Setup pane.
Step 2 Select XML Config from the object selector.
The XML Configuration dialog box appears, displaying the following columns.
Column
|
Description
|
VLAN ID
|
ID of the VLAN.
|
Client Group
|
Client-group can be either standard access-list name or ID (from 1 to 99).
|
Port
|
Specifies the TCP port on which the CVDM-CSM HTTP server listens.
|
Status
|
Status of XML service.
|
Credentials
|
User Name
|
Name of the credentials user.
|
Password
|
Password of the credentials user.
|
From the XML Configuration dialog box, you do the following:
•Click Edit to edit the XML Configuration. For more information, see "Editing XML Configuration" section.
•Click Disable to disable the XML Configuration in CVDM-CSM.
Editing XML Configuration
Note The Edit button will be enabled only when you enable XML configuration in the CVDM-CSM module.
To edit the XML configuration:
Step 1 Click Setup from the task bar, click Miscellaneous in the Setup pane.
Step 2 Select XML Config from the object selector.
Step 3 Click Edit. The Edit XML Configuration dialog box appears, displaying the following columns.
Column
|
Description
|
VLAN ID
|
Enter the ID of the VLAN.
|
Client Group
|
Enter the name or ID of the client group.
|
Port
|
Enter the TCP port on which the CVDM-CSM HTTP server listens.
|
Status
|
Specify, from the list, the status of XML service.
You can choose between In Service or Out of Service.
|
Credentials
|
User Name
|
Name of the credentials user.
|
Password
|
Password of the credentials user.
|
From this dialog box, you can do the following:
•Click Add to add the credentials by entering the username and the password.
•Select a row and click Delete to delete the corresponding credential.
