Draining issues with Ms IIS and F5 LTM/BigIP 9.4.6

Question

Hi, 
&nbsp;  
&nbsp; Maybe this question doesn't belong in this forum but since it involves the LTM and load balancing I'll post it anyway since there must be others out there with similar issues. 
&nbsp;  
&nbsp; We have a environment like this: 
&nbsp;  
&nbsp; |Webfront1 MS IIS| |Webfront2 MS IIS| 
&nbsp;  
&nbsp; ----LTM-HA-PAIR---- 
&nbsp;  
&nbsp; |Appserver1 MS IIS| |Appserver1 MS IIS| 
&nbsp;  
&nbsp; The Appservers are LBing HTTP traffic without persistance of any kind. 
&nbsp;  
&nbsp; ...when im trying to drain Appserver1 by setting the node to disabled, most of the connections will drain out but there is always 7-10 connections that wont. Something is keeping these ones alive from the webfronts. 
&nbsp;  
&nbsp; I can list them in the LTM from CLI, I can see the traffic in the IIS logs. 
&nbsp; The only way I can "solve" this is by restarting the IIS so the LTM notice it as down (at least I think it does, the connections is zeroed anyway). 
&nbsp;  
&nbsp; Do anyone have any ideas how to do a nice and normal draining, is there any command I can run on the MS/IIS to clear some cache or on the LTM to force a TCP-reset to the active connections to the disabled node? 
&nbsp; I've spent plenty of time trying to solve this, googling, opening cases to F5 support etc. 
&nbsp;  
&nbsp; Help? =) 
&nbsp;  
&nbsp; //Robert 
&nbsp;

the_bhattman · Answer

When you select the node you can select "Forced Offline (Only active connections allowed) "  This should force the node to simply not allow any active connections through. 
&nbsp;  
&nbsp;  
&nbsp;  
&nbsp; CB

mr_rj · Answer

No it doesnt, it seems that the webfront is keeping them alive :/ 
&nbsp; Trying to figure out why and if it's possible to clear some cache on the IIS-side or something.

hooleylist · Answer

No node setting will clear existing connections.  If you want to clear existing connections, you could remove them from the connection table using 'b conn'.  You can check the 'b conn help' page for details. 
&nbsp;  
&nbsp; Disabled (Only persistent or active connections allowed) - existing TCP connections and clients who have/present a valid persistence record would be allowed 
&nbsp; Forced Offline (Only active connections allowed) - only existing TCP connections will be allowed 
&nbsp;  
&nbsp; It's possible the "existing" connections are not existing, and are from monitor traffic.  However, why do you need to clear existing TCP connections?  If you're taking the node down, the server would reset/drop the connections anyhow. 
&nbsp;  
&nbsp; Aaron

sams_81032 · Answer

We had a very similar issue to the OP. We ended up raising a support ticket. 
&nbsp;  
&nbsp; These steps solved it: 
&nbsp;  
&nbsp; Go to the Pool you want to make the change on. 
&nbsp; Change the Configuration to "Advanced". 
&nbsp; Select "Reject" next to "Action on Service Down". 
&nbsp;  
&nbsp; This seems to kill all open TCP connections when Forced Offline is selected for a node. 
&nbsp;  
&nbsp; Hope that helps. 
&nbsp;  
&nbsp; Cheers 
&nbsp; Sam

sams_81032 · Answer

I've also tracked down a great doc by debs on DevCentral that goes into good detail about the different Action on Service Down settings: 
&nbsp;  
&nbsp; http://devcentral.f5.com/Default.aspx?tabid=63&amp;articleType=ArticleView&amp;articleId=179 
&nbsp;  
&nbsp;  
&nbsp; Cheers 
&nbsp; Sam

Forum Discussion

Draining issues with Ms IIS and F5 LTM/BigIP 9.4.6

9 Replies

Recent Discussions

SMS server with BIGIP

F5 terminal - help to run commands - disk space full

Can iRule be used to perform exception of IPI category based on Geolocation

[ASM] - what is "Browser Challange file" ?

LDAPS and renegotiation

Related Content

F5 Bigip LTM NAT64 config

Regex issue

BIGIP LTM GUI Access issue

F5 GTM resolution issue

Irule Example Issue