Least connection Method : Load balancing algorithm is not working as expected

Question

Hi All,&nbsp;
Least connection method is not working as expected when used with source affnity persistance. All traffic is diverted to single server.
I would like to let you know that Natting ( Public IP to Private IP) has been done on FW with the VIP ( contains two pool members in Pool).&nbsp;
Please let me know what need to be done to get the connections load balance across pool members.&nbsp;
Is it possible get it done using this way Or need to go with cookie persistance..If possible, what need to be done.&nbsp;
Please help !!&nbsp;
Thank you in Advance.&nbsp;
Regards,
Rajneesh&nbsp;

patrik_jonsson · Answer

Hi&nbsp;
Do you source nat the connection? If you have an http profile cookie persistence is generally recommended. :)&nbsp;
Don't forget to encrypt the cookie for security reasons!&nbsp;
https://support.f5.com/kb/en-us/solutions/public/14000/700/sol14784.html&nbsp;
/Patrik&nbsp;

amanpreet_singh · Answer

Hi Rajneesh, &nbsp;
The problem is not with the combination of Source Affinity with Least connection. The problem is using NAT on firewall and using source affinity. LB is assuming all the connections to be originating from a single client IP. Have you tried using "only Destination NAT" with LB having default route towards firewall? (assuming it as a traffic coming from Internet) &nbsp;
Regards, Aman&nbsp;

amanpreet_singh · Answer

The other reasons I found hypothetically as - 
1. If you are running below HF versions with known issue of uneven load balancing
https://support.f5.com/kb/en-us/solutions/public/16000/400/sol16487.html?sr=46343907 
2. If you have OneConnect profile enabled for this virtual server
https://support.f5.com/kb/en-us/solutions/public/2000/000/sol2055.html
3. For the sake of information-
https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10430.html

t_rajneesh_2252 · Answer

Thanks Amanpreet.

Image and hotfix details running currently on box. 
ALso we are not using anyconnect profile here

Image: BIGIP-11.6.0.0.0.401.iso 
HF: Hotfix-BIGIP-11.6.0.4.0.420-HF4.iso 
Model: BIG-IP 2200

amanpreet_singh · Answer

Hi, 
Ok, that should not be a issue.
Try to avoid Source Affinity when you are using NAT on firewall. Source persistence.
"Source address affinity persistence directs session requests to the same server based solely on the source IP address of a packet"
If your traffic is HTTP, I would rather suggest to go for cookie persistence.

Forum Discussion

Least connection Method : Load balancing algorithm is not working as expected

6 Replies

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Not seeing the latest F5OS-A when running Journeys

Related Content

What is the "Ring Hash" Load-Balancing Algorithm?

Intro to Load Balancing for Developers – The Algorithms

Lightboard Lessons: Local Traffic Manager Load Balancing Algorithms

Load Balancing Fu: Beware the Algorithm and Sticky Sessions

NGINX Plus R35 for Federal Environments: FIPS-Compliant algorithms with ACME Certificates in AWS

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS