Forum Discussion
parasjonish_223
Nimbostratus
NimbostratusSMTP traffic loadbalancing originating from one IP - possible packet loss?
Hello,
I have been browsing the forum for some time, but have not found an answer to my question. So decided to open a new topic hoping someone can advice/help.
We have not been load balancing smpt traffic before and this is our first project that requires to load balance mail servers. I do not want to go with MX load balancing and would like to keep balancing to f5.
Layout:
1. We have an internal application that will send emails to f5 that will always have the same originating IP (since the application is internally built and is used by internal processes)
2. I have a virtual server on f5 listening on port smtp 25
3. I have a pool consisting of two james mail servers listening on smtp ports 3001
Questions:
1. What persisteny method is required to make sure mail packets are not going to be split in the middle and distibuted between separate james mail server nodes?
2. Is there a way to do it without creating a custome iRule?
3. Since all the traffic will be coming from a single IP, persistency by source address is not really an option, as all the traffic will hit the same james mail server node all the time.
4. Are there any recommended virtual server settings for this architecture?
Please let me know if you need more details in order to provide a recommendation.
Thank you in advance.
parasjonish_223another concern is what if one of the james mail server nodes crashes during a message transmission, then f5 would redirect it to another node, which is not aware of this message. How will smpt relay react to that?
seems when balancing via MX this is not an issue, as it has its own standard mechanism of resending messages and adding failed messages back into the queue in order to resend later.- JRahm
Admin
As Colin stated, the LTM is flow-based, not packet-based, so all packets within a flow will be sent to the same server. If one of the mail server crashes, then the LTM will (eventually) reset the connection to the client. The client will try to send that message again, this time balancing to the other server. - parasjonish_223thank you Jason for your reposne. But what about any specifics in terms of Vritual Server configs for this purpose and what persistency method to use?
smp_86112Cirrostratus
I think you might be misinterpreting what Colin and Jason are saying. There is no special virtual server or persistence configuration required - this is how TCP connections inherently behave. When your mail client wants to send a message, it first establishes a TCP connection with the virtual server. Then the LTM picks a pool member and opens up a corresponding TCP session with it. Now that TCP connections have been opened on "both sides", the mail client sends its message on that established TCP connection and the LTM forwards the data to the pool member. Once the entire message has been sent by the client, the client tears down the TCP connection and the LTM does the same with the pool member.
Because the entire message is sent on the same TCP session, no Persistence is required.
What it sounds like you are concerned about is how to load-balance when multiple SMTP messages are sent on the same TCP connection. But I suspect you don't need to worry about this, because I believe individual SMTP messages are sent on their own TCP connection.- parasjonish_223Thank you for clarifying. I am testing smtp load balancing right now and will let you know if I have more questions. Thanks again.
HamishCirrocumulus
FWIW I usually don't bother with LB'ing SMTP... As you stated above, it's perfectly capable of LB'ing all by itself using MX records (i.e. multiple MX records with the same priority round robin). As SMTP isn't an interactive protocol the delay in opening a connection if the first server is down isn't usually a problem.
If you do LB it, then it's the same mechanism for recover if the server crashses between messages as if no LB was involved. Messages that have been accepted and acknowledged are gone. Messages that haven't (i.e. the one you're sending when the connection goes down) get resent. You get the same resend or duplication of message as you'd get if a non-LB'ed SMTP server crashed at exactly the same time.
H- JRahmThat's a good point, Hamish. I do something similar in one of my volunteer efforts. I let smtp load balance itself with AD and MX records, and then I only do the app delivery on the F5 for the client access stuff.
- parasjonish_223i was able to configure smtl lb successfully via f5. verified emails are distrubited properly between several james nodes. thanks to everyone for answering the questions.
