7 Replies Latest reply on Dec 4, 2007 8:10 PM by Bill Robinson

    Why do load-balanced logins break when you upgrade to 7.4.1?

      I have a customer who just upgraded to 7.4.1 from 7.3.0.

      We have multiple app servers, and a VIP shared between them provided by an F5 Big IP.

       

      Prior to the upgrade everything worked fine, including ADK authentication.

       

      When we upgraded to 7.4.1, all logins ceased to work. So far we've fixed 75% of our login issues, but there's a big one that's outstanding. The big one is that we can't login to the VIP in front of the app servers. Based on the wording of the error, it looks like the app server thinks there's a "man in the middle."

       

      Here is the error:

       

      ###############################################################################

       

      Anonymous:Anonymous:10.192.113.23 client's IP address does not match that written into ticket: /10.192.113.23 != /10.192.252.235

      Anonymous:Anonymous:10.192.113.23 Client's servic ticket not valid

      Anonymous:Anonymous:10.192.113.23 Error authorizing the connection

      Anonymous:Anonymous:10.192.113.23 Connection discnnecting

       

      ###############################################################################

       

      10.192.113.23 is the address of the CM client

      10.192.252.235 is the address of the load balancer

       

      So the app server is complaining that the client IP inside of the ticket doesn't match the IP of the load balancer.

      Can I force the app server to ignore this warning? Do I have to find a way to get the load balancer to transmogrify the packet?

      I'd like to avoid that if possible.