Forum Discussion

Florent_Thieba1's avatar
Florent_Thieba1
Icon for Nimbostratus rankNimbostratus
Feb 27, 2013

Error message in log - CMP persist message

Hi,

 

I can't figure where this error is coming from and how i could prevent it to occur, this is a sample:

 

In the file /var/log/ltm

 

Feb 27 15:55:28 local/tmm1 err tmm1[4769]: 01010206:3: CMP persist message: persist data size 4530 exceeds maximum length 4096

 

Feb 27 15:55:28 local/tmm err tmm[4768]: 01010206:3: CMP persist message: persist data size 4978 exceeds maximum length 4096

 

Feb 27 15:55:43 local/tmm err tmm[4768]: 01010206:3: CMP persist message: persist data size 4830 exceeds maximum length 4096

 

Feb 27 15:55:43 local/tmm err tmm[4768]: 01010206:3: CMP persist message: persist data size 4590 exceeds maximum length 4096

 

Feb 27 15:55:43 local/tmm err tmm[4768]: 01010206:3: CMP persist message: persist data size 5110 exceeds maximum length 4096

 

Feb 27 15:55:45 local/tmm1 err tmm1[4769]: 01010206:3: CMP persist message: persist data size 4590 exceeds maximum length 4096

 

Feb 27 15:55:49 local/tmm1 err tmm1[4769]: 01010206:3: CMP persist message: persist data size 4590 exceeds maximum length 4096

 

Feb 27 15:55:54 local/tmm err tmm[4768]: 01010206:3: CMP persist message: persist data size 4542 exceeds maximum length 4096

 

Feb 27 15:56:06 local/tmm1 err tmm1[4769]: 01010206:3: CMP persist message: persist data size 4686 exceeds maximum length 4096

 

Feb 27 15:56:12 local/tmm1 err tmm1[4769]: 01010206:3: CMP persist message: persist data size 4686 exceeds maximum length 4096

 

Feb 27 15:56:12 local/tmm err tmm[4768]: 01010206:3: CMP persist message: persist data size 4686 exceeds maximum length 4096

 

 

This is a small sample, you can see with the timestamp this occurs very often (French time).

 

I have no idea where to start digging to solve this problem.

 

 

I checked every irule I have to see if this is a normal behaviour (this log could be triggered on purposed by one of the person who worked on it, but i didn't find anything like that).

 

 

If you have any idea..

 

 

Florent.

 

management
monitoring

17 Replies

Sort By
Show More
  • Florent_Thieba1's avatar
    Florent_Thieba1
    Icon for Nimbostratus rankNimbostratus
    Mar 14, 2013
    I indeed use this, for the exchange 2010 VIP:

     

    when HTTP_REQUEST {

     

    switch -glob [HTTP::header "User-Agent"] {

     

    "MSRPC" {

     

    if { [HTTP::cookie exists "OutlookSession"] } {

     

    persist uie [HTTP::header "OutlookSession"] 3600

     

    } else {

     

    persist uie [HTTP::header "Authorization"] 3600

     

    }

     

    }

     

    "*Microsoft Office*" {

     

    persist uie [HTTP::header "Authorization"] 3600

     

    }

     

    default {

     

    persist source_addr

     

    }

     

    }

     

    }

     

     

    This is the default template recommended i used to set the VIP.
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Mar 14, 2013
    is it possible that those headers are bigger than 4096 bytes?
  • Florent_Thieba1's avatar
    Florent_Thieba1
    Icon for Nimbostratus rankNimbostratus
    Mar 14, 2013
    It seems a lot !

     

    I dunno, i have to check this, do I have any way to see it directly from production ?

     

    I'll check the microsoft documentation.
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Mar 14, 2013
    I dunno, i have to check this, do I have any way to see it directly from production ? off the top of my head is to either run tcpdump or use irule for logging.
  • Florent_Thieba1's avatar
    Florent_Thieba1
    Icon for Nimbostratus rankNimbostratus
    Apr 11, 2013

    Hi, it took me some time but i finally did it...

     

    I logged the error like this:

     

     

     

    rule Exchange_2010__oaPersistIRule {

     

    when HTTP_REQUEST {

     

    switch -glob [HTTP::header "User-Agent"] {

     

    "MSRPC" {

     

    if { [HTTP::cookie exists "OutlookSession"] } {

     

    log local0. "HTTP::header OutlookSession is [string length [HTTP::header "OutlookSession"] ]"

     

    persist uie [HTTP::header "OutlookSession"] 3600

     

    } else {

     

    log local0. "HTTP::header Authorization is [string length [HTTP::header "Authorization"]]"

     

    persist uie [HTTP::header "Authorization"] 3600

     

    }

     

    }

     

    "*Microsoft Office*" {

     

    log local0. "HTTP::header Authorization is [string length [HTTP::header "Authorization"] ]"

     

    persist uie [HTTP::header "Authorization"] 3600

     

    }

     

    default {

     

    persist source_addr

     

    }

     

    }

     

    }

     

     

     

    I sent the qkview to the support and now wait for an answer

     

     

  • Florent_Thieba1's avatar
    Florent_Thieba1
    Icon for Nimbostratus rankNimbostratus
    Apr 16, 2013

    Hi,

     

     

    I finally get an answer from the support.

     

    Here is the answer:

     

     

     

     

    The error log is caused by the oversize string which used as uie key. exceed the max length defined internal by bigip.

     

    Exchange_2010__oaPersistIRule

     

    persist uie [HTTP::header "Authorization"] 3600

     

    Problem here is that HTTP Request Authorization header is too long = 4386

     

    The workaround is to reduce the size of that header. For example you might want to use its md5sum.

     

    persist uie [md5 [HTTP::header "Authorization"] ] 3600

     

    that will reduce the size of the data used as key.

     

     

    I tried tu put it and it seems to be ok now !

     

    I will keep the ticket open at least until the end of the day to see if this is not impacting other things.