Can you please suggest best load balancing method that works well with source address affinity persistence?

Least connection is best method in all case.

"Least connections (member)" is generally recommended, which is also used in most deployment guides I have seen. However, one really needs to know the characteristics of one's workload in order to choose the most appropriate LB method. For some connections may demand a lot more resources on the application server than others.

Define "Well" - They all work as they're designed to.

But it all depends on if you see many, or one IP addresses on the ingress interface on the F5. I.e. if something is NATting Many to one addresses infront, source address affinity + any load balancing method won't work "well".

Thank you. Currently, the algorithm we are using is round robin and the users are directed to a different application server sometimes from the middle of their job or immediately when they login though the source address affinity is set for 30 mins and we are doing ssl offloading on the VIP with 4 backend servers(no certificate on them). This setup was working fine before and this issue had started very recently.

The error they are seeing is FRM:92104 which is very intermittent. Please let me know if you need more information. I am unable to figure out if this is a load balancing issue or server issue.

What's the timeout set to on your Source Address profile ?

IIRC - The default is 300 seconds, you might want to look at increasing that to a time that suits your application.

Hi Iain,

Timeout is 1800 seconds - 3o mins.

Thanks, Srikanth

If you are not really sure, try "Least Connections (member)" with a lower timeout and smaller net mask.

Smaller mask (/29 or even /32) will help in better distribution of traffic.