14-43
User
Guide

for

the

Cisco

Application

Networking

Manager

5.2
OL-26572-01
Chapter
14






Configuring

Traffic

Policies
Configuring
Rules

and

Actions

for

Policy

Maps
HTTP
Optimize
Option
th

at

ap

pears

for

ACE

app

liances

only.
In
the

HTTP

Optimization

Policy

field,

choose

the

HTTP

optimization

policy

map

to

use.
Inspect
Application
inspection

that

is

to

be

implemented

for

this

rule.
Do
the

following:
a.
In
t

he
Inspect
Type

field,

choose

the

pr

otocol

that
is
t

o
be
i

nspected.
b.
Provide
any
protocol-specific
i

nformation.
Ta
b

l

e


14-19

describes

the

available

options

for

application

inspection

actions.
KAL-ap-Primary-Out-of
-Service
Feature
that

is

supported

only

for

ACE

module

software
Version

A2(3.1),

ACE

appliance
software
Version

A4(1.0),

and

later

versions

of

either

device

type.

This

feature

enables

the

ACE
to
notify

a

Global

Site

Selector

(GSS)

that

the

primary

server

farm

is

down

when

the

backup
server
farm

is

in

use.
By
default,

when

you

configure

a

re

direct

server

farm

as

a

ba

ckup

server

farm

on

the

ACE

and
the
primary

server

farm

fails,

the

backup

server

farm

redirects

client

requests

to

another

data
center;
however,

the

VIP

remains

in

the

INSERVICE

state.
When
you

configure

the

ACE

to

communicate

with

a

GSS,

it

provides

information

for

server
availability.
When

a

backup

server

is

in

use

after

the

primary

server

farm

is

down,

this

feature
enables
the

ACE

to

inform

the

GSS

that

the

VIP

for

the

primary

server

farm

is

out

of

service

by
returning
a

load

value

of

255.

The

GSS

recognizes

that

the

primary

server

farm

is

down

and

sends
future
DNS

requests

with

the

IP

address

of

the

other

data

center.
KAL-AP-TAG
Feature
that

is

supported

only

for

the

ACE

module

software

Version

A2(2.0),

ACE

appliance
software
Version

A4(1.0),

and

l

ater

versions

for

both

device

types.

The

KAL-AP-TAG

feature
allows
the

Cisco

Global

Site

Selector

(GSS)

proprietary

KAL-AP

protocol

to

extract

load

and
availability
information

from

the

ACE

when

a

firewall

is

positioned

between

the

GSS

and

the
ACE.
This

feature

allows

you

to

configure

a

tag

(name)

per

VIP

for

a

maximum

of

4096

tags

on
an
ACE.

This

feature

does

not

replace

the

tag

per

domain

feature.

For

more

information

about

this
feature,
see

the

Release

Note

for

the

Cisco

Application

Control

Engine

Module

(Software

Version
A2(2.0))
or

the

Cisco

Application

Control

Engine

Module

Server

Load-Balancing

Configuration
Guide
(Software

Version

A2(3.0)),

the

Configuring

Health

Monitoring

chapter.
Note
The
KAL-AP-TAG
selection
is
not
available
for
the
class-default

class

map.
In
the

KAL-AP-Tag

Name

field,

enter

the

name

as

an

unquoted

text

string

with

no

spaces

and

a
maximum
of

76


alphanumeric

characters.
The
following

scenarios

are

not

supported

and

will

result

in

an

error:


You
cannot

configure

a

tag

name
for
a

VIP

that

already

has

a

tag

configuration

as

part

of

a
different
po

licy

configuration.


You
cannot

associate

the

same
tag
name
with
more

than

one

VIP.


You
cannot

associate

the

same

tag

name

with

a
domain
and

a

VIP.


You
cannot

assign

two

different

tags

to

two

different

Layer
3

class

maps

that

have

the

same
VIP,
but

di

fferent

port

numbers.

The

KAL-AP

protocol

considers

these

class

maps

t

o

have
the
same

VIP

and

calculates

the

load

for

both

Layer

3

r

ules

to

gether

when

t

he

GSS

queries
the
VIP.
Table
14-18
Layer
3/Layer

4

Network

Traffic

Policy

Map

Actions

(continued)
Action
Description/Steps