Loadbalancing multiport applications

The problem is that the application in question uses 2 standard ports, not just the one.

 

So when a client connects he always uses port A, but certain actions within the client use port B.

 

 

The authentication and session of the user will not function unless he connects to the same server when he adds the Port B connection, or C or D for that matter.

 

 

In my case I have 2 physical servers each running 2 binaries that present the application layer, each of these binaries run on 2 ports.

 

 

I'll try to draw a simple ascii of this

 

 

Node A

 

App 1App2

 

Port 1aPort 1bPort 2aPort 2b

 

 

Each port represents a seperate pool and a seperate VS.

 

So in this case I have 4 Pools and 4 VS for each Node.

 

 

I'm pretty sure that Matching VS will not work as the ports are on different VSs.

 

Neither will matching across pools because of the same issue, not sure about matching

 

across services or what that does.

 

 

I've tried to use the Source Address and Destination address methods but those don't

 

really work all too well with the applications so I assume I will need something custom,

 

like an iRule to make the connections "Match Across Nodes" so to speak.

 

 

In as short as possible.

 

It would be best that if a client connects into any 1 port, any other port connections that

 

client makes after that always go to the same node he connected to first.

 

 

Hope that clears up any confusion I may have created with my first post (Not really sure what

 

I'm doing so I'm a little confused myself)

 

If you want to use separate, single port virtual servers and pools for each port (aka "service") and have persistence across all of them, you'd want to use one custom source address persistence profile attached to all of the virtual servers, with match across virtuals, match across pools and match across services all enabled on the profile.

 

 

You shouldn't need a rule for this. You can check the config guide on AskF5 for details on the persistence profile options.

 

 

Aaron

I did try that, but I think I need a rule for this as one of the binaries in question doesn't work when using source address persistance.

Gudmo, did you test with a vs:* already? does this one work, or don't you want to go that way at all?

I don't want to go that way at all. So no, I haven't tested this.

If you tested using source persistence with all three "match across ..." options enabled, I'd expect the client would be persisted to the same node regardless of which service the request was made over.

 

 

Before trying to write an iRule, I'd suggest troubleshooting the existing failure to make sure you understand what's happening. If you did write an iRule to mimic the persistence behavior, you might end up in the current situation but having taken a longer route.

 

 

You can use the 'b persist show all' command to view the existing persistence records. If you have any questions on troubleshooting the issue, try contacting F5's support group.

 

 

Aaron

we've seen numerous bugs with "match across services," both with cookie insert and with source-addr persist.

 

 

the only way we got this config to work was to use cookie insert, and an all-services pool.

 

both single port virtuals bind the same pool. drawback is you can't do port-remapping with this scenario.

 

 

very consistent perf now, with no performance killing irules.

 

 

FWIW,

 

psf