Forum Discussion
NimbostratusConnection to Server through BigIP slow, connection from Servers VLAN OK: How to troubleshoot?
Is this the right forum, I'm not sure ..?
Configuration:
================
- BIgIP in the DMZ
- Server behind the BigIP running private address space
Server is made public through a virtual Server' Public IP
Server gets it's data from a client on private net through the private IP
Client (private net)->
input BigIP DMZ Interface ->
output BigIP Server VLAN Interface ->
Input Server Interface
Communication Client <-> Server is running through a Forwarding Virtual Server (under Virtual Servers), which is in Performance(Layer 4) Mode. See Attachment.
Problem description
================
Slow communication between Client / Server
Fast Communication from this client if in Server' VLAN (NOT GOING THROUGH THE BIG-IP)
Wireshark stream Client<->Server shows no errors.
We measured the connectivity with iperf, here are the results
C:\iperf>iperf -t 60 -c 10.136.228.3
------------------------------------------------------------
Client connecting to 10.136.228.3, TCP port 5001
TCP window size: 8.00 KByte (default)
------------------------------------------------------------
[1908] local 10.136.172.202 port 4643 connected with 10.136.228.3 port 5001
[ ID] Interval Transfer Bandwidth
[1908] 0.0-60.0 sec 181 MBytes 25.3 Mbits/sec
25 Mbit/s are not bad, without BigIP there are 80 Mbit.
There are some more profiles in the Forwarding Servers's configuration, may be they could help?
Roman
12 Replies
- nitass
Employee
Client (private net)->
input BigIP DMZ Interface ->
output BigIP Server VLAN Interface ->
Input Server Interfacedoes it go through firewall? if yes, have you tried to connect to bigip's dmz vlan directly? 
rkra_77787Wow, a very fast answer on Sunday :=))
Yes, there is a Firewall. I did not mention it. We checked the Connection from the DMZ vlan too without using our firewall ... same throughput.
Client (private net)->
Firewall (trust)
Firewall (DMZ)
input BigIP (DMZ) ->
output BigIP Server VLAN Interface ->
Input Server Interface
I tested with IPERF again running a PING to Bigip DMZ interface and to the Servers interface.
During the data tranfer
- ping to BigIP DMZ interface was constantly 1 ms.
- ping to the Servers interface went to almost 15 ms (in a LAN !!)
Important !
From the Servers VLAN without touching the BigIP there are no probs.- nitass- ping to the Servers interface went to almost 15 ms (in a LAN !!) have you seen any delay (e.g. delta time) in 25 Mbps wireshark file?
- rkra_77787I tried again for 20 Seconds.
10.136.172.202 is the client (my WS)
10.136.228.2 is the Server.
I do not see any errors in the capture file, I attached it..
Roman - nitassI do not see any errors in the capture file, I attached it.. i think it may not be an error but delay. you know we can show delta time between each packet in wireshark. by the way, i do not see the file.
- rkra_77787I tried to upload the capture file as a ZIP file .. it is not allowed
tried renamed as a txt file ... only 500 Byte allowed
shortened it to 400 k ... wrong parameter :=))
How and where to upload the file?
Roman - nitassHow and where to upload the file? would you mind sending me? i am at nitass at f5 dot com.
- rkra_77787Fine!
I sent it right now.
You can see in the trace the speed is about 29Mbit/sec.
Roman - rkra_77787Any news to this topic?
Roman - nitassAny news to this topic? not sure if you have received my email. just wondering if you have 80 Mbps tcpdump (not passing through bigip).
