Forum Discussion
BigIP F5 LTM fails during Load testing
"My Set up has a BIGIP single CPU hosted on AWS.This sits in front of a node API i use for load testing."
First issue is that 1 CPU is not a supported or recommend pattern to use, and per your statement that you are performing load testing. Please move to what would be a considered a supported pattern which would be a minimum of 2vCPU and 4 GB of RAM.
You have not listed the instance type that you are using but I am guessing that it is either a T2 or. T3 since you are on one CPU. Both of these instance classes operate on fraction or token use case for CPU and network bandwidth, additionally they have very small connection tables in AWS (connection tracking is enabled unless you are permitting 0.0.0.0/0 in and out in the SG). While you can flag them unlimited for CPU (option on the T2, standard on the T3) you cannot do so for network bandwidth. Once you have exhausted your network bucket you will see connection issues.
Prior to spending time debugging TCP what is happening please move to a minimum 2 vCPU and 4 GB of RAM deployment. If you are on a T2/T3 please change the instance type to a c5/c6/m5/m6.
- sand87chDec 07, 2022
Cirrus
I am using the F5 Big IP VE BYOL(14.xxx)livcense available in AWS marketplace.And yes the instance is T2 medium.Sorry that my posting confused you.By 1CPu i meant 1 boot location as shown in the attachment below.
The instance i am using is m5.xlarge having 4 cpu and 16GB ram.I hope this is ok.
- Heath_ParrottDec 07, 2022
Employee
Yes with BIG-IP running on an m5.xl 4CPU:16GB ram you should be good to load test as that configuration from a BIG-IP standpoint. The M5xl still has a connection table on the small side (WRT to the AWS SG - sorry AWS does not publicly publish these numbers) that you may be hitting and you should disable connection tracking to ensure that is not the issue. (see AWS documentation on how). I would recomend doing this if you have not since it is an external limit on the system that will not show up in the BIG-IP logs.
My expereince on hitting SG table limits plays out like:
Generate Traffic load --> Latency --> error. Let the test bed sit for 15 minutes and you can repeat at will. Repeating more frequently you hit the error sooner.- sand87chDec 07, 2022
Cirrus
Heath_Parrott Reading the document it seems that if the security group allows all inbound and outbound connections then this tracking and blocking of connections wont occur.Correct me if i am wrong.I enabled all traffic on our big ip VE on AWS but still the jmeter tests shows the same errors.Am i missing something here?
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com