Cisco Bug: CSCte81287 - GPP/TCP: Regex Parser hangs for .*keyword.* and .*keyword configs
Nov 01, 2010
- Cisco ACE 4700 Series Application Control Engine Appliances
Known Affected Releases
Symptom:
When using the Generic Protocol parser to load-balance some types of TCP traffic, connections may hang and no outbound leg is established if the client sends fewer bytes than the configured max-parse-length.

Conditions:
In order to use session-id sticky load balancing with end-to-end SSL and no SSL termination on the ACE, the following configuration is suggested:

  parameter-map type generic SESSID-PARAM
    set max-parse-length 76
  sticky layer4-payload SESSID-STICKY
    response sticky
    layer4-payload offset 43 length 32 begin-pattern "\x20"

However, some client browsers are known to send a short list of allowable ciphers in the initial SSL ClientHello, which results in a single packet that is fewer than 76 bytes in length. Such clients will not be able to connect.

In order to use Generic features with the FIX (Financial Information eXchange) protocol, the following config is suggested:

  sticky layer4-payload FIX-STICKY
    layer4-payload begin-pattern "\x0149=" end-pattern "\x01"

or

  serverfarm host FIX-SERVERFARM
    predictor hash layer4-payload begin-pattern "\x0149=" end-pattern "\x01"

However, due to variations in the FIX protocol definition, there is no appropriate choice for the max-parse-length, which is required for the Generic Protocol parser. Consequently, some clients might fail to connect.
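The SSL case above can be checked against captured first segments with a short script. This is an added example, not part of the Cisco bug text: it builds constructed SSLv3/TLS ClientHello records without extensions and reports whether each reaches the 76-byte max-parse-length and which bytes the offset 43 / length 32 rule would select. It assumes the offset is counted from the first byte of the TCP payload; the function names are hypothetical.

```python
import struct

MAX_PARSE_LENGTH = 76  # "set max-parse-length 76" from the configuration above
STICKY_OFFSET = 43     # "layer4-payload offset 43"
STICKY_LENGTH = 32     # "length 32"


def build_client_hello(session_id: bytes, n_ciphers: int) -> bytes:
    """Constructed ClientHello record (no extensions), for testing only."""
    body = b"\x03\x01" + bytes(32)                 # client_version + 32-byte random
    body += bytes([len(session_id)]) + session_id  # session_id length byte, then id
    body += struct.pack("!H", 2 * n_ciphers) + b"\x00\x2f" * n_ciphers
    body += b"\x01\x00"                            # one compression method: null
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def classify(payload: bytes) -> dict:
    """Say whether the segment reaches max-parse-length and, if the byte at
    the sticky offset is 0x20, return the 32 bytes that follow it."""
    result = {
        "length": len(payload),
        "reaches_max": len(payload) >= MAX_PARSE_LENGTH,
        "session_id": None,
    }
    # Record type 0x16 (handshake) and handshake type 0x01 (ClientHello).
    if len(payload) <= STICKY_OFFSET or payload[0] != 0x16 or payload[5] != 0x01:
        return result
    # 5 (record hdr) + 4 (handshake hdr) + 2 (version) + 32 (random) = 43,
    # so offset 43 is the session_id length byte; 0x20 means a 32-byte id.
    start = STICKY_OFFSET + 1
    if payload[STICKY_OFFSET] == 0x20 and len(payload) >= start + STICKY_LENGTH:
        result["session_id"] = payload[start:start + STICKY_LENGTH]
    return result


if __name__ == "__main__":
    sid = bytes(range(32))  # constructed session id
    for label, hello in (
        ("initial, 10 ciphers", build_client_hello(b"", 10)),
        ("resumed, 10 ciphers", build_client_hello(sid, 10)),
    ):
        print(label, classify(hello))
```

An initial ClientHello has an empty session ID, so with ten cipher suites it is only 68 bytes and never reaches the 76-byte parse length; a resuming ClientHello carries the 32-byte ID and is always longer than 76 bytes.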