4 Replies Latest reply on Jan 20, 2010 12:24 PM by Travis Standen

    Bladelogic Behind a Cisco Content Switch


      We are looking into some insight behind load balancing.  Currently we are running 8 Bladelogic servers (one database instance) behind a Cisco content switch.  This switch polls 9833, 9840 and 9841 on all the app servers to determine if the application is up and functioning and routes connections for the interface to the least busy server.

      The issue we are facing is that each poll of the ports by the switch causes log entries in the Bladelogic logs, and at the current polling interval there is more spam from the content switch than valid data from users doing work in the tool.  Part of this is due to an extrodinarily high polling interval (3 seconds).

      We are looking at one of two paths: 1.  Change the polling interval from 3 seconds to something more managable like 4 or 5 minutes or 2. Change the content switch from polling the NSH ports to just a ping test.  We are leaning towards option 1.


      The questions I have are:

      1.  We know that changing the polling interval would cause a much larger window of connections being passed to a potentially unavailable server.  Has anyone else put their cluster of BL servers behind a similarily configured load balancer, and if so, what issues did you face?

      2  Changing to ping only would also potentially expose the same issue, but with an indefinite window.  If the BL application is not responding but the server is operational and pinging, connections would be passed to a 'down' server until the server was brought back online.  Has anyone had a similar configuration, and what issues did they face?


      3.  Is there any way of doing a port test of the NSH ports in BladeLogic that will not result in a spamming of the logs with needless entries?


      Thank you,

      Travis Standen

      ACS Inc.

        • 1. Re: Bladelogic Behind a Cisco Content Switch
          Bill Robinson

          I've seen a few things around this:


          1 - there are some log settings you can set to ignore many of the health check messages, though it will disable some legitimate login messages as well.


          2 - put a simple web server on the appserver (perl or something) that returns "OK" if a script returns successfully, where the script is running a blcli command that runs the blcli AppServerProfiler getAppServerDetails and point your load balancer at that and not the ports. or a ps check for the appserver processes (not as accurate), and turn down the polling interval becasue the script may not run in 3 sec.


          otherwise you end up w/ the log spams

          1 of 1 people found this helpful
          • 2. Re: Bladelogic Behind a Cisco Content Switch

            Thank you for your input.. it's quite helpful.

            In the case of your point #1... do you happen to know what those log settings are?

            I will look into the feasibility of doing option 2.

            • 3. Re: Bladelogic Behind a Cisco Content Switch
              Bill Robinson

              In the br/deployments/<instance>/log4j.properties file:



              Changing "log4j.logger.com.bladelogic.mfw.net.BaseServerConnection" from INFO to ERROR will suppress stack traces resulting from invalid connections made to the  (9841).


              Adding "log4j.logger.com.bladelogic.auth.service.AuthSvcWorkerThread=ERROR" would take care of the Auth Service port (9840).


              I believe these will do it, if not, you'll need to open up a ticket w/ support.. i know we can exclude many messages but not all.


              Also, in blasadmin, you want to set the AppServiceURLs, ProxyServiceURLs to the VIP name.  You may also need to set the 'validateclient ipaddr' and 'validaterequesturl' to false if you cannot pass the client ip through to the appserver.

              • 4. Re: Bladelogic Behind a Cisco Content Switch

                Thank you for the wonderful response.  We have something we can test and hopefully deploy to solve our problem.