Forum Discussion
Passive FTP session load balancing from the same client
I have a situation that I cannot figure out and I need some help. I have a virtual server set up for passive FTP load balancing to a pool of four members.
Right now it is set up as Performance (Layer 4), TCP and a service port of 0.
I have source-address-translation set to automap and a protocol profile of fastL4 with a 3600 second timeout.
I have source_addr persistence with Mirror Persistence, Match across Services, and Match Across Virtual Servers all checked.
There is also an iRule on there that looks like this to only accept the 50000-50020 and port 21 range.
Right now there is really only one client FTPing in and doing gets over four sessions. The problem I have is I would like to see each of his sessions load balanced to a different server in the pool. Can I do this? And how would I do it?
when CLIENT_ACCEPTED {
if {([TCP::local_port] >= 50000 && [TCP::local_port] <= 50020) || [TCP::local_port] == 21} { } else { drop } }
- giltjrNimbostratus
I don't think you are going to be able to load balance the data connections. Unless you have some magic FTP server the data connection must go back to the same server that the control connection is on.
When doing passive FTP the server opens a port to do the data transfer on and then tells the client what port it opened. The client the connects to that port. So if the control connection is to server 1 it will open the port for the data transfer, if you try to send the inbound request from the client to server 2, server 2 will not know anything about that port.
- nitassEmployee
without ftp profile, bigip does not relate control and data channels together. now, both control and data channels are sent to the same server because of source address persistence. since there is only one client but multiple sessions, you cannot load balance ftp sessions.
to make it, i understand you need ftp profile and source address persistence should not be needed.
- nitassEmployeeyes. i do not think you need persistence because ftp profile should bind control and data channels together.
- Chris_Grabill_2NimbostratusSo if I change this to 21 source port and an FTP profile I don't need source_addr persistence? Then each session will load balance to the next server? I would think you need the source address persistence to keep the data and control channels together.
- nitass_89166Noctilucent
without ftp profile, bigip does not relate control and data channels together. now, both control and data channels are sent to the same server because of source address persistence. since there is only one client but multiple sessions, you cannot load balance ftp sessions.
to make it, i understand you need ftp profile and source address persistence should not be needed.
- nitass_89166Noctilucentyes. i do not think you need persistence because ftp profile should bind control and data channels together.
- Chris_Grabill_2NimbostratusSo if I change this to 21 source port and an FTP profile I don't need source_addr persistence? Then each session will load balance to the next server? I would think you need the source address persistence to keep the data and control channels together.
- kridsanaCirrocumulus
From my understanding.
If you use persistence, you can't load balance across pool member (F5 will send to only one member)
Can you just remove persistence profile from virtual server ? Is FTP working properly if remove it?
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com