In a rare condition flows may be dropped by NPM even though the APM is in "Active" state.This article covers a rare condition, where the new flows may be dropped by NPM with "
Load-balance failed" reason. Following has to be met in order to qualify for the Solution in this KB Article:
the issue is more likely to happen on vap-groups consisting of a single APM only
APM is in the "Active" state
"ps aux | grep cbsflowagentd" on the affected APM shows that there is no daemon with this name running there
new flows to the affected vap-group are dropped and the output of the active flow table is similar to the following:
CBS# show flow active
Module Source Destination Prot Dom TTI/MAX
np2 10.0.0.1:1227 192.168.1.1:53 17 1 00:12/00:15 Drop(Load-balance failed) rx circuit 1032 Master np1 Fast Path Y TCP state No validation rx packets 0
np2 10.0.0.1:1228 192.168.1.2:53 17 1 00:12/00:15 Drop(Load-balance failed) rx circuit 1032 Master np2 Fast Path Y TCP state No validation rx packets 0
cbsflowagentd daemon (normally running on all VAPs) is responsible for reporting the utilization of the APM to the CPM. If this daemon isn't running, balancing new flows to the VAP will fail.
has been addressed in XOS V10.0, V9.6.8 and V9.7.3:
ID 102325 Corrected an issue in which the daemon (cbsflowagentd) responsible for IP flow updates between APM and CPM could restart after receiving an error.
If you're running an older XOS release, please either upgrade XOS or contact Blue Coat Technical Support to obtain a patch.
Run the following command on the affected VAP to restart the daemon:
fw_1 (CBS): ~# service cbsflowagentd restart
Imported Document ID: 000019054
Subscribing will provide email updates when this Article is updated. Login is required.