Forum Discussion
brad_11440
Jan 15, 2009Nimbostratus
FastL4 vs Optimized TCP Profiles
We run active/standby 6400 (platform D63a) LTM's for our production applications. They are accessed via clients on a private network with an average latency around 80ms. Nearly all of our virtual servers are using the default standard TCP profile (nagle's, bandwidth delay, low send/receive windows and proxy buffers). We've recently implemented an end-to-end response time analysis solution and have observed very high server response times for those applications that utilize the LTM.
We want to improve performance and obviously switching to either FastL4 or TCP LAN Optimized profile would do just that. But which one would be better ? I think taking advantage of the two TCP stacks would be a benefit but I am concerned with the increased CPU/memory utilization this would cause. FastL4 would put more burden on the server itself and I am not sure if that is a good thing or not. For the most part, we do not use any extensive iRules (only a simple SNAT rule), so both would be an option. Has anyone done a comparison between the two ?
Any tips are appreciated. Thanks in advance!
- Maybe it's about the right time to have you post your VIP config from the bigip.conf. It's possible you have other settings applied to the VIP which conflict with a FastL4 profile??? Also it might be helpful to paste the values of the TCP profile you have applied.
- JRahmAdminI agree with smp, fastL4 will be better unless you need the features above tcp. You probably won't see much impact on the servers, though if the tcp overhead becomes a problem on the server side, you could implement oneconnect with the optimized tcp profiles, and that will reuse connections to your servers so that the high cost of setup and teardown is eliminated. There are a lot of ways to skin the cat and plenty of nuances in every environment that there isn't a one size fits all approach, and the functionality is there exactly for this reason.
- brad_11440NimbostratusWell, we made the change this morning. For reasons we are still investigating, after moving to FastL4, the VIP went down and the application stopped working. It did not come back up until we switched over to TCP-LAN-Optimized on both sides (did not try reverting back to the default standard).
- smp_86112CirrostratusMaybe it's about the right time to have you post your VIP config from the bigip.conf. It's possible you have other settings applied to the VIP which conflict with a FastL4 profile??? Also it might be helpful to paste the values of the TCP profile you have applied.
- brad_11440NimbostratusHere is the config. Thanks for clarifying the window size issue. That makes perfect sense.
profile fastL4 fastL4 { reset on timeout enable reassemble fragments disable idle timeout 300 max segment override 0 pva acceleration full } pool wmtis03ssl { snat disable nat disable monitor all tcp member 10.212.xxx.xxx:5553 session disable member 10.212.xxx.xxx:40202 member 10.212.yyy.yyy:5553 session disable member 10.212.yyy.yyy:40202 } pool wmtis03ssl_SNAT { monitor all tcp member 10.212.xxx.xxx:5553 session disable member 10.212.xxx.xxx:40202 member 10.212.yyy.yyy:5553 session disable member 10.212.yyy.yyy:40202 monitor tcp } rule wmtis03ssl_Irule { when CLIENT_ACCEPTED { if { [IP::addr [IP::client_addr] equals 10.212.xxx.0/255.255.254.0] } { pool wmtis03ssl_SNAT } else { pool wmtis03ssl } } } virtual wmtis03ssl_VIP { destination 10.212.aaa.aaa:5553 ip protocol tcp pool wmtis03ssl rule wmtis03ssl_Irule } profile tcp tcp-lan-optimized { defaults from tcp slow start disable bandwidth delay disable nagle disable proxy buffer low 98304 proxy buffer high 131072 send buffer 65535 recv window 65535 }
- Josh_41258NimbostratusBrad, a bit off topic, but would you mind sharing how you are conducting these response time tests? Thanks!
- brad_11440Nimbostratus
Posted By jbaird on 01/20/2009 8:03 PM
- Josh_41258NimbostratusLooks nice. Do you know of any other (free) products similar to this?
- JRahmAdminThe upper bound for TCP's initial window is represented by this formula:
- JRahmAdminAnd smp is absolutely spot-on on the clientside of LTM regarding window size, client is not sending much except a request, so the LTM stack has no reason to increase the window. If you look at the flow on the serverside, in this perspective, the server is the client and will need to increase the window to maximize efficiency in receiving the data from the server.
- smp_86112CirrostratusThanks for the details on the initial window.
Recent Discussions
Related Content
Â
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects