Forum Discussion
Gudmo_34348
Nimbostratus
NimbostratusLoadbalancing multiport applications
I'm new to iRules or F5 altogether for that matter.
I'm trying to loadbalance an application,
I will have 4 servers running the application and each instance runs with two ports open.
My question is.
How can I guarentee persistance so that the client that connects to the
application on one port connects to the same server on the other port?
Client ----> F5:9000 ---> ServerA:9000
Then he uses another feature in it's client framework and needs to connect to the
other port on ServerA Client ----> F5:9001 ---> ServerA:9001..
But I'm unsure what persistance iRule to use as I don't understand it's syntax.
Cany anyone help me with this dilemma?
Gudmo_34348The problem is that the application in question uses 2 standard ports, not just the one.
So when a client connects he always uses port A, but certain actions within the client use port B.
The authentication and session of the user will not function unless he connects to the same server when he adds the Port B connection, or C or D for that matter.
In my case I have 2 physical servers each running 2 binaries that present the application layer, each of these binaries run on 2 ports.
I'll try to draw a simple ascii of this
Node A
App 1App2
Port 1aPort 1bPort 2aPort 2b
Each port represents a seperate pool and a seperate VS.
So in this case I have 4 Pools and 4 VS for each Node.
I'm pretty sure that Matching VS will not work as the ports are on different VSs.
Neither will matching across pools because of the same issue, not sure about matching
across services or what that does.
I've tried to use the Source Address and Destination address methods but those don't
really work all too well with the applications so I assume I will need something custom,
like an iRule to make the connections "Match Across Nodes" so to speak.
In as short as possible.
It would be best that if a client connects into any 1 port, any other port connections that
client makes after that always go to the same node he connected to first.
Hope that clears up any confusion I may have created with my first post (Not really sure what
I'm doing so I'm a little confused myself)
hoolioCirrostratus
If you want to use separate, single port virtual servers and pools for each port (aka "service") and have persistence across all of them, you'd want to use one custom source address persistence profile attached to all of the virtual servers, with match across virtuals, match across pools and match across services all enabled on the profile.
You shouldn't need a rule for this. You can check the config guide on AskF5 for details on the persistence profile options.
Aaron- Gudmo_34348I did try that, but I think I need a rule for this as one of the binaries in question doesn't work when using source address persistance.
- Gudmo, did you test with a vs:* already? does this one work, or don't you want to go that way at all?
- Gudmo_34348I don't want to go that way at all. So no, I haven't tested this.
- hoolioIf you tested using source persistence with all three "match across ..." options enabled, I'd expect the client would be persisted to the same node regardless of which service the request was made over.
Before trying to write an iRule, I'd suggest troubleshooting the existing failure to make sure you understand what's happening. If you did write an iRule to mimic the persistence behavior, you might end up in the current situation but having taken a longer route.
You can use the 'b persist show all' command to view the existing persistence records. If you have any questions on troubleshooting the issue, try contacting F5's support group.
Aaron 
shane_foster_11we've seen numerous bugs with "match across services," both with cookie insert and with source-addr persist.
the only way we got this config to work was to use cookie insert, and an all-services pool.
both single port virtuals bind the same pool. drawback is you can't do port-remapping with this scenario.
very consistent perf now, with no performance killing irules.
FWIW,
psf