Forum Discussion

monica_74227's avatar
monica_74227
Icon for Nimbostratus rankNimbostratus
Oct 21, 2009

Loadbalancing Traffic for Outbound

Hey gus,

 

 

I want to know if we could use Ratio method for the outbound traffic with LC. If we can, How to set up and how to define the iRule.

 

 

I guess we may define the two links in the default_gateway_pool, and use the ratio method in the pool.

 

 

thank you for your help!!!
application delivery
dev
devops
iRules
  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Oct 21, 2009
    Hi Monica,

     

     

    You should be able to do this using default load balancing configuration without an iRule as you've described with a 0.0.0.0/0.0.0.0 network virtual server which references a default gateway pool and ratios set for the two members.

     

     

    Aaron
  • monica_74227's avatar
    monica_74227
    Icon for Nimbostratus rankNimbostratus
    Oct 21, 2009
    okay, thank you for your quickl reply.however maybe I need to use irule to do something else, just like the following:

     

     

    rule iRule_internal_out {

     

    when CLIENT_ACCEPTED {

     

    if { [matchclass [IP::local_addr] equals $::cnc_class]} {

     

    pool cnc_ratio_pool

     

    } elseif { [matchclass [IP::local_addr] equals $::ct_class]} {

     

    pool ct_ratio_pool

     

    } else {

     

    pool cnc_ratio_pool

     

    }

     

    }

     

    when LB_SELECTED {

     

    if { [IP::addr [IP::client_addr] equals 172.16.3.X] } {

     

    switch{IP::addr [LB::server addr]}

     

    {

     

    221.218.248.145 {snatpool snat_ct_mail}

     

    222.35.42.97 {snatpool snat_cnc_mail}

     

     

    }

     

    } else {

     

    snat snat_cnc_default

     

    }

     

    }

     

    }

     

  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Oct 21, 2009
    Okay, so you have an iRule to select the pool and apply SNAT based on the destination and source IP addresses. Does it work for your requirements? If not, can you add logging to the iRule to see what code is being executed?

     

     

    Aaron
  • monica_74227's avatar
    monica_74227
    Icon for Nimbostratus rankNimbostratus
    Oct 21, 2009
    hey Aaron, well, that is just my think, i don't know if it could work well. I will set up a test environment to check.

     

    what is your apionion ?
  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Oct 21, 2009
    Which version of software are you running? The syntax for matchclass has changed slightly in v10 versus v9. I'll post an example iRule after getting the version.

     

     

    Thanks,

     

    Aaron
  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Oct 21, 2009
    Can you give this a try? The only significant changes I made were to remove the IP::addr command from the switch statement and add logging. I also remove the $:: prefix from the class names to make the iRule CMP compatible. For more info on this, you can check this CMP page (Click here). 

     
 when CLIENT_ACCEPTED { 
  
    log local0. "[IP::client_addr]:[TCP::client_port]: New connection to [IP::local_addr]:[TCP::local_port]" 
  
     Check if client IP is in the cns_class 
    if {[matchclass [IP::local_addr] equals cnc_class]}{ 
  
       pool cnc_ratio_pool 
       log local0. "[IP::client_addr]:[TCP::client_port]: Matched client to cnc_class" 
  
     Check if destination IP is in the ct_class 
    } elseif {[matchclass [IP::local_addr] equals ct_class]}{ 
  
       pool ct_ratio_pool 
       log local0. "[IP::client_addr]:[TCP::client_port]: Matched destination to ct_class" 
  
    } else { 
       pool cnc_ratio_pool 
       log local0. "[IP::client_addr]:[TCP::client_port]: Default case." 
    } 
 } 
 when LB_SELECTED { 
  
     Check if client is 172.16.3.0/24 
    if {[IP::addr [IP::client_addr]/24 equals 172.16.3.0]}{ 
  
       log local0. "[IP::client_addr]:[TCP::client_port]: Matched client check for 172.16.3.0/24" 
  
        Check selected pool member IP 
       switch {[LB::server addr]}{ 
          "221.218.248.145" { 
             snatpool snat_ct_mail 
             log local0. "[IP::client_addr]:[TCP::client_port]: Matched destination IP 221.218.248.145. Snatting using snat_ct_mail" 
          } 
          "222.35.42.97" { 
             snatpool snat_cnc_mail 
             log local0. "[IP::client_addr]:[TCP::client_port]: Matched destination IP 221.218.248.145. Snatting using snat_cnc_mail" 
          } 
       } 
    } else { 
       snat $snat_cnc_default 
       log local0. "[IP::client_addr]:[TCP::client_port]: Didn't match client check for 172.16.3.0/24. Snatting using snat_cnc_mail" 
    } 
 }

    Aaron
  • monica_74227's avatar
    monica_74227
    Icon for Nimbostratus rankNimbostratus
    Oct 21, 2009
    hey Aaron,

     

     

    I want to use the static ratio(node) loadbalance method for the cnc_ratio_pool and ct_ratio_pool, however do you know this SOL6542, the detail as following:

     

     

    "If you create a link object on the BIG-IP Link Controller, the load balancing method for any existing default gateway pool is automatically changed to dynamic ratio. This automatic change to the dynamic ratio load balancing method is required for link load balancing and is the expected behavior."

     

     

    could we still could use the static ratio?
  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Oct 21, 2009
    You can set costs on the links to get a ratio effect. You can check the LC config guide for your version to get more details on configuring this:

     

     

    Cost-Based Load Balancing

     

    https://support.f5.com/kb/en-us/products/big-ip_gtm/manuals/product/gtm_lc_implementations_943/solgl_costlb.html

     

     

    Aaron