The show server command, as a standalone command, gives the output of the following commands together: • show server global - See “Displaying Global Layer 4 ServerIron Configuration” on page 3-149.
• show server bind - See “Displaying Port-Binding Information” on page 3-165. • show server sessions - See “Displaying Port-Binding Information” on page 3-165. • show server traffic - See “Displaying Packet Traffic Statistics” on page 3-167.
The show server global command gives the output of the show server backup or the show server symmetric command, depending on which high availability method is in use, plus some additional configuration information that would have to be shared between a pair of ServerIrons in a high availability environment.
The following is a sample for a ServerIron using Sym-active SLB:
ServerIron#show server Server Symmetric port = 2/7 Group_id = 1 Candidate cnt = 1 Port No-rx
2/7 0
Server Load Balancing - global parameters Predictor = round-robin Force-deletion = 0 Reassign-threshold = 20 Reassign-limit = 3 TCP-age = 30 UDP-age = 5 Sticky-age = 5
TCP-syn-limit = 65535 msl = 8 TCP-total conn = 0 Unsuccessful conn = 0 NO-RESET-on-max-conn = Disabled Ping-interval = 2 Ping-retries = 4 Session ID age = 30 Bind info Virtual server: v Status: enabled IP: 192.168.199.99 telnet ---> a: 192.168.99.11, telnet (remote) (Active) b: 192.168.99.12, telnet (remote) (Failed) http ---> a: 192.168.99.11, http (remote) (Active) b: 192.168.99.12, http (remote) (Failed) Client->Server = 0 Server->Client = 0 Drops = 0 Aged = 0 Fw_drops = 0 Rev_drops = 0 FIN_or_RST = 0 old-conn = 0 Disable_drop = 0 Exceed_drop = 0 Stale_drop = 0 Unsuccessful = 0
SYN def/proxy RST = 0 Server Resets = 0
Out of Memory = 0 Out of Memory = 0
last conn rate = 0 max conn rate = 0
last TCP attack rate = 0 max TCP attack rate = 0
fast vport found = 4 fast vport n found = 11
Fwd to non-static FI = 0 Dup stale SYN = 0
ServerIron#show server Server Symmetric port = 2/7 Group_id = 1 Candidate cnt = 1 Port No-rx 2/7 0 Server Load Balancing - global parameters Predictor = round-robin Force-deletion = 0 Reassign-threshold = 20 Reassign-limit = 3 TCP-age = 30 UDP-age = 5 Sticky-age = 5 TCP-syn-limit = 65535 msl = 8 TCP-total conn = 0 Unsuccessful conn = 0 NO-RESET-on-max-conn = Disabled Ping-interval = 2 Ping-retries = 4 Session ID age = 30 Bind info Virtual server: v Status: enabled IP: 192.168.199.99 telnet ---> a: 192.168.99.11, telnet (remote) (Active) b: 192.168.99.12, telnet (remote) (Failed) http ---> a: 192.168.99.11, http (remote) (Active) b: 192.168.99.12, http (remote) (Failed) Client->Server = 0 Server->Client = 0
Drops = 0 Aged = 0
FIN_or_RST = 0 old-conn = 0
Disable_drop = 0 Exceed_drop = 0
Stale_drop = 0 Unsuccessful = 0
SYN def/proxy RST = 0 Server Resets = 0
Out of Memory = 0 Out of Memory = 0
last conn rate = 0 max conn rate = 0
last TCP attack rate = 0 max TCP attack rate = 0
fast vport found = 4 fast vport n found = 11
Fwd to non-static FI = 0 Dup stale SYN = 0
TCP forward FIN = 0 TCP reverse FIN = 0
Fast path FWD FIN = 0 Fast path REV FIN = 0
Fast path SLB SYN = 0 Dup SYN after FIN = 0
Duplicate SYN = 0 Duplicate sessions = 0
TCP ttl FIN recvd = 0 TCP ttl reset recvd = 0
Sessions in DEL_Q = 0 Sess force deleted = 0
Fwd sess not found = 0 sess already in delQ = 0
Sess rmvd from delQ = 0
New sess sync sent = 0 New sess sync recvd = 0
TCP SYN received = 0 TCP SYN dropped = 0
TCP SYN to MP = 0 TCP SYN ACK to MP = 0
TCP SYN ACK received = 0 TCP SYN ACK dropped = 0
TCP pkt received = 0 TCP pkt dropped = 0
TCP pkt to MP = 0 PBSLB tftp status = Not in pro Avail. Sessions on MP = 999993 Total Sessions on MP = 1000000
slot-1 cpu-1 Avail. Session = 1999992 Total Sessions = 2000000 slot-1 cpu-2 Avail. Session = 1999992 Total Sessions = 2000000 slot-1 cpu-3 Avail. Session = 1999992 Total Sessions = 2000000 Total C->S Conn = 0 Total S->C Conn = 0
Total Reassign = 0 Unsuccessful Conn = 0
Server State - 0: disabled, 1:enabled, 2:failed, 3:test, 4:suspect, 5:grace_dn, 6:active Real Server State CurrConn TotConn TotRevConn CurrSess PeakConn a 6 0 0 0 0
0 b 1 0 0 0 0
0 last conn rate = 0 max conn rate = 0
last TCP attack rate = 0 max TCP attack rate = 0
SYN def RST = 0 SYN flood = 0
ServerIron#
Displaying Global Layer 4 ServerIron Configuration
To display global Layer 4 ServerIron configuration information, enter the following command: ServerIron(config)# show server global Server Load Balancing - global parameters Predictor = least-conn Force-deletion = 0 Reassign-threshold = 20 Reassign-limit = 3 Ping-interval = 2 Ping-retries = 4 TCP-age = 30 UDP-age = 5 Sticky-age = 30 TCP-syn-limit = 65535TCP-total conn = 4233 Unsuccessful conn = 0
ICMP-message = Disabled
Syntax: show server global
This display shows the following information.
Table 3.12: Global Layer 4 Configuration Information
This Field... Displays...
Symmetric SLB Parameters
You also can display this information separately. See “Displaying SSLB Information” on page 7-26.
Server Symmetric port The ServerIron port number on which the ServerIron perceives other ServerIrons running Symmetric SLB.
Group_id The Symmetric SLB group ID. The group ID is always 1 in the current release.
Candidate cnt The number of ports on which the ServerIron perceives a partner ServerIron running Symmetric SLB.
Port The TCP/UDP port for which Symmetric SLB is enabled. Priority The priority for the VIP.
No-rx Information Foundry technical support can use to help resolve Symmetric SLB configuration issues.
SLB Parameters
Predictor The load balancing metric in effect on the ServerIron. The predictor can be one of the following:
• least-conn (least connections) • least-sess (least sessions)
• response-time (server response time)
Note: This value also applies to the combined method of least connections and server response time weights.
• round-robin (round robin) • weighted (weighted percentage)
• least-local-conn (least local connections) • least-local-sess (least local sessions) The default is least-conn.
You can assign these metrics on a global basis and an individual virtual server basis.
For more information or to globally change the predictor, see “Globally Changing the Load-Balancing Method” on page 3-22.
To locally change the predictor for a virtual server, see “Changing the Load Balancing Method on a Virtual Server” on page 3-59.
Force-deletion The state of the force shutdown option. This option immediately shuts down a server or service instead of waiting for existing connections to end before shutting the server or service down. The state can be one of the following:
• 0 – Disabled • 1 – Enabled
Reassign-threshold The number of contiguous inbound TCP-SYN packets sent to the server that the server has not responded to.
The TCP SYN-ACK counter increments only when acknowledgments are not received. Each time an expected TCP SYN-ACK is received, the counter is cleared.
The default reassign threshold is 21 unacknowledged TCP SYN- ACKs. The value can be from 6 – 254. To change the reassign threshold, see “Reassign Threshold” on page 5-29
Note: You can modify this parameter to help minimize vulnerability to TCP SYN attacks.
Reassign-limit The number of missed TCP SYN packets the ServerIron will accept before moving an inbound connection attempt to another server. Layer 3 Health Check Parameters
Ping-interval How often the ServerIron sends a Layer 3 IP ping to test the basic health and reachability of the real servers. When enabled, this parameter specifies the interval for the pings. To change the interval, see “Modifying the Ping Interval and Ping Retries” on page 5-18. Ping-retries How many times the ServerIron resends a ping to a real server that is
not responding. The default is 4 and can be from 2 – 10. To change this parameter, see “Modifying the Ping Interval and Ping Retries” on page 5-18.
If the server still does not respond after the last retry, the ServerIron marks the server FAILED and removes it from the load balancing rotation.
Global TCP/UDP Parameters
TCP-age The number of minutes the ServerIron allows a TCP connection to remain unused before closing the connection. The default is 30 minutes. To change this parameter, see “Configuring TCP Age” on page 5-62.
The value shown here is the global value. You can override this value for an individual TCP/UDP port by modifying its port profile. See “Overriding the Global TCP or UDP Age” on page 5-28.
Table 3.12: Global Layer 4 Configuration Information (Continued)