ASM buffer sizes

Question

I am running 11.2.0 HF1 on a 3900, and I have an application that does file transfers.  Right now all the files are fairly small maybe a couple MB.  However there is a new use case that might have people downloading and uploading files that are anywhere from 100mb - 1GB. &nbsp;
In looking at the ASM I seen that in the advanced parameters there is the request_buffer_size, which is set to 10mb by default and it appears has a max limit of 20mb.  There is the ResponseBufferSize which looks to be set to about 130mb by default and I have not found a max limit for that yet. &nbsp;
So my question is does this mean that ASM can't support a file upload of more than 20mb?  It would appear so by what I am seeing but maybe I am misunderstanding something.  Also does anyone know if there is an upward limit for the Response.  Lastly does anyone have a case where you are moving larger files through an ASM, I am somewhat concerned about performance and if anyone has any experiece with this or has recommendation on max file sizes to allow through ASM I would appreciate it. &nbsp;
 &nbsp;
Mike&nbsp;

torti · Answer

For Requests: 
&nbsp; If you want to upload files bigger than 20mb, you have to disable "Request length exceeds defined buffer size" for the policy. 
&nbsp; For Response: 
&nbsp; ??? 
&nbsp;  
&nbsp; Adds: 
&nbsp; Is it a web service? Attention with the value of "total_xml_memory" 
&nbsp; ICAP doesn't work with bigger files than 20mb. 
&nbsp; I've never tried such big uploads ;-) 
&nbsp; You should test it --&gt; following the systems memory allocation while uploading. 
&nbsp;  
&nbsp; regards

mike_maher · Answer

Torti,  
&nbsp; Thanks for the quick response. 
&nbsp;  
&nbsp; So if I disable the ASM block but the buffer is still set to 20mb will ASM just ignore that buffer setting and load the whole message into memory for inspection or do I loose inspection of larger request entirely? 
&nbsp;  
&nbsp; It is not a web service it is an HTTPS page that allows for file uploads and downloads. 
&nbsp; I am not planning on using ICAP here as the application has measures to ensure file integrity 
&nbsp; I plan on testing system resourecs in my lab

sergio_magra · Answer

Hi, 
&nbsp;      I don't know if it applies also to 11.2, but this is a KB that maybe will be useful to this case. 
&nbsp;  
&nbsp; http://support.f5.com/kb/en-us/solutions/public/8000/200/sol8292.html?sr=27061998 
&nbsp;  
&nbsp; Best regards 
&nbsp;  &nbsp;

torti · Answer

update: 
&nbsp; If anyone is planning to scan file uploads bigger than 20mb with ASM --&gt; use a AV proxy behind the f5. 
&nbsp; There is no really useful option to do this with the ASM, although they actually did bind ICAP to LTM. 
&nbsp; But this is a bad design. 
&nbsp; Using an AV proxy is much easier. 
&nbsp;  
&nbsp; regards

Forum Discussion

ASM buffer sizes

4 Replies

Recent Discussions

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Reverse Proxy Not Behaving

Stable Firmware for F5

Related Content

F5 packet buffer

The TCP Proxy Buffer

The TCP Send Buffer, In-Depth

F5 BIG-IP Sizing Requirement

F5 Rseries R2600 Tenant sizing