Forum Discussion

Srikanth_79730's avatar
Srikanth_79730
Icon for Nimbostratus rankNimbostratus
May 11, 2012

Rate classes with inbound/outbound rate limits

Hey Guys,

 

 

 

 

I want to set inbound and outbound rate limits for a VIP. Ex : Inbound(client to server) is 50 mbps and Outbound(server to client) as 150 mbps. In Rate classes, only one base rate can be specified and the direction can be Any/Client/Server.

 

 

 

1. If I set the base/ceil rate to 200 mbps with direction as ANY, there is no control over how the bandwidth will be shared between inbound and outbound.

 

 

 

2. If I set the direction to Server/Client, it only impacts the inbound/outbound traffic respectively.

 

 

 

Also a connection cannot be associated with 2 rate classes. So it seems totally impossible to set different inbound/outbound data rates for a TCP connection.

 

 

 

Please let me know, if it is possible to implement this in F5 ?

 

 

 

-Thanks,

 

Srikanth

 

4 Replies

  • George_Watkins_'s avatar
    George_Watkins_
    Historic F5 Account
    Hi Srikanth,

     

     

    I've run into this before and also wish that you could assign multiple rate classes to a single virtual. One solution to this might be to create a "backend" virtual server (ex. 10.0.0.2) with an outbound rate class of 150mbps (base and ceiling) and place your application servers in the pool. If you hit this virtual you should only be able to download from the server at 150mbps.

     

     

    Next, create a separate "frontend" virtual (ex. 10.0.0.1) with another inbound (server type) rate class of 50mbps base/ceiling. In the pool member assignment for the second virtual, add the IP address of the first virtual server (10.0.0.2). Point your users at 10.0.0.1 and they should pass through both virtual servers and be subject to both rate class restrictions.

     

     

    Give that a shot and let me know if it works.

     

     

    -George
  • thanks for the response, George !!! yup two virtual serves is a possible solution, but it adds to complexity and an additional hop can increase latency as well.

     

     

    -Thanks,

     

    Srikanth
  • George_Watkins_'s avatar
    George_Watkins_
    Historic F5 Account
    Hi Srikanth,

    After some testing, it doesn't look like my original solution is going to work for you. We need to change the way that we target the "backend virtual" to make this work. Instead of sending the traffic to a pool containing the "backend" virtual server, we'll use an iRule to select the "backend" virtual server.

    1. Remove the pool containing the "backend" from the "frontend" virtual server.

    2. Create the following iRule:

    when CLIENT_ACCEPTED {
        virtual "backend_virtual_server"
    }
    3. Assign the iRule to the "frontend" virtual server.

    After that you should have a normal "backend" virtual server that looks pretty basic plus the outbound rate class. The "frontend" virtual server will have the iRule, the inbound rate class, and any necessary profiles.

    The performance hit from this solution should not be bad. You're already limiting the throughput with the rate class and the latency should not change significantly.

    Sorry for the confusion,

    -George