Forum Discussion

Subrun's avatar
Subrun
Icon for Cirrostratus rankCirrostratus
Mar 02, 2020

Load Balancing Not Happening for Pool Members of a Performance Layer VIP

I configured a Virtual Server as Layer 4 VIP with Load Balancing method configured as "Least Connections".

 

IP Traffic Flow is as below :

 

Client on Different Subnet >> 2.2.2.2:8001 >> F5 with SNAT Automap >> 2.2.2.4, 5 :8001.

 

During Testing we have seen that connections is not load balanced within 3 pool members. It just goes to 1 node not distributed within 3 nodes. I believe traffic is initiated from One Source during testing. But even if traffic is generated from 1 Source it will generate multiple connections or it is sessions . How to distribute multiple connections/sessions even it is generated from 1 node ?

 

Interestingly if from Source Application it by force closes the connection ( attached application image ) new connections then distributed to 3 backend nodes behind F5.

 

Please advise what could be done to distribute the tarffic within all 3 backend nodes.

 

 

application delivery
BIG-IP
LTM

10 Replies

Sort By
  • cjunior's avatar
    cjunior
    Icon for Nacreous rankNacreous
    Mar 02, 2020

    Hello,

    Sorry for many questions, is there any persistence profile attached? Maybe an oneconnect profile?

    Did you see both client and server connections closing?

    Could you share you VS setup?

     

    Regards.

  • Subrun's avatar
    Subrun
    Icon for Cirrostratus rankCirrostratus
    Mar 02, 2020

    --- No Persistence Profile added to the Virtual Server Config. Do You think configuring persistence will help here ? What could be the logic based on the scenario I tried to explain.

     

    --- Below is the Virtual Server Config

     

    admin@(F5)(cfg-sync In Sync)(Active)(/Common)(tmos)# list ltm virtual VIRTUAL_SERVER

    ltm virtual VIRTUAL_SERVER {

      creation-time 2019-12-05:16:13:14

      description "Supports VIRTUAL_SERVER "

      destination 10.8.106.52:vcom-tunnel

      ip-protocol tcp

      last-modified-time 2019-12-05:16:13:14

      mask 255.255.255.255

      pool VIRTUAL_SERVER _Pool

      profiles {

        fastL4 { }

      }

      source 0.0.0.0/0

      source-address-translation {

        type automap

      }

      translate-address enabled

      translate-port enabled

      vlans {

        vlan_3906

      }

      vlans-enabled

      vs-index 103

    }

     

    --- I did not check from CLI if connections are closing. How to see that ? tcpdump

     

  • cjunior's avatar
    cjunior
    Icon for Nacreous rankNacreous
    Mar 02, 2020

    Hi, thanks for the information.

     

     Do You think configuring persistence will help here ?

    Nope, the opposite. The persistence will try to sent traffic to server that are persisted, means that traffic will be balanced at first time for a specific criteria.

     

    I did not check from CLI if connections are closing. How to see that ? tcpdump

    Tcpdump should be a good option, plus, you can observe connections to all backend server by port 8001:

    tmsh show sys connection ss-server-port 8001

    https://support.f5.com/csp/article/K40033505

     

    If you confirm that connections are closing and LB still fails, did you check the health for the pool members? All they are UP and ready to traffic?

     

    Regards.

  • Simon_Blakely's avatar
    Simon_Blakely
    Icon for Employee rankEmployee
    Mar 02, 2020

    You have a Fast-L4 virtual. This is TCP connection oriented, so there is only one load-balancing decision made per TCP connection.

     

    As per your screenshot of the back-end service, it allows long-lived TCP connections that will accept multiple HTTP requests on that single connection.

    If you disable that option, then the TCP connection is closed after each HTTP request, and you get your expected request distribution.

     

    If you want per-Request distribution, then you need a Standard Virtual (not Fast-L4) with an HTTP profile and a OneConnect profile to ensure per-Request load-balancing decisions.

    • Subrun's avatar
      Subrun
      Icon for Cirrostratus rankCirrostratus
      Mar 04, 2020

      Screenshot you see I attached , if that Yellow Marked Option is selected then I see connections are distributed within backend servers. If that option is not selected I see 1 single connection ( TCP Connection ) to Only 1 node. Screenshot says HTTP Connection I am not sure if that means TCP Connection or HTTP Connection. Confused actually.

       

      Assuming in the screenshot it meant TCP Connection , how does that work for HTTP Traffic once TCP Connection is closed. Sorry for my knowledge limitation.

      • Simon_Blakely's avatar
        Simon_Blakely
        Icon for Employee rankEmployee
        Mar 05, 2020

        HTTP request/responses are (currently) passed over a TCP connection.

         

        A HTTP client (browser) can open a TCP connection, send an HTTP request, wait for the HTTP response, and then close the TCP connection.

         

        More commonly, the HTTP client will open a TCP connection, send an HTTP request, wait for the HTTP response, send another HTTP request, wait for the HTTP response, and then eventually close the TCP connection. This is called HTTP Keep-alive or HTTP persistent connection.

         

        The highlighted SoapUI option Close connection after request is actually referring to closing the TCP connection after the HTTP response, disabling HTTP persistent connection.

         

         

    • Subrun's avatar
      Subrun
      Icon for Cirrostratus rankCirrostratus
      Mar 11, 2020

      Hello,

      Can you explain why do we need One Connect Profile ? in this situation ?

      • Simon_Blakely's avatar
        Simon_Blakely
        Icon for Employee rankEmployee
        Mar 11, 2020

        > For my scenario , If I create a Standard Virtual Server ( Not L4 ) and do not create a One Connect Profile , it does not load balance the traffic ? Just to give an idea regarding client there are 3/4 clients will be making thousands of connections to this VIP.

         

        You have to distinguish between connections and requests - the Standard Virtual Server will load-balance connections, but not requests.

         

        The One-Connect profile in conjunction with an HTTP Profile will load-balance requests.