logical_254756
Oct 18, 2016

source IP and source Port persistence using irule - Citrix - (carp vs uie)

Hi,

We ran into an issue of uneven load-balancing due to using Citrix. Clients end up using the same IP, so we decided we need to start load-balancing using the source port as well. I have done my homework and searched around until I came across multiple solutions, using either uie or carp.

I have multiple questions that I hope to get answers for.

  • I understand carp doesn't have a timeout, so that leads to a question: is it better to use in this situation?
  • Also, we are leaning towards load-balancing using least connections. Would each algorithm limit us to a specific load-balancing method?
  • Per my iRule below, I don't add persist, assuming it is done automatically. Am I wrong with that assumption? Should I be adding each successful persistence record?
  • What would be the best way to test such an implementation?

Here is the iRule I'm about to implement.

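when CLIENT_ACCEPTED {
    # Build the persistence key from the client's source IP and source port
    set client_ip_port "[IP::client_addr]:[TCP::client_port]"
    if {[TCP::client_port] and [IP::client_addr] != 0} {
       # CARP hashes the key to pick a pool member; no persistence record is stored
       persist carp $client_ip_port
    }
}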
  • This is my limited understanding of CARP:

    It is a one-way hash-like algorithm that matches on a "source" and sends it to a "destination". As long as the "source" remains the same, the "destination" will be the same and it is for this reason that it doesn't store any persistence value on the F5 locally.

    Now, using the above understanding, as long as the "source" values are diverse at any instance, we should have a better distribution of traffic. I think, if you have many pool members, it will increase the chances of the traffic being evenly distributed.

    Least Connections (Member) is my favorite and default algorithm to implement by default. If it doesn't help, then explore other options. I don't think CARP/Hash is tied to a specific load balancing algorithm.

    No, you don't have to add persistence records.

    Testing - depends on the application, what you are trying to test and of course the resources you possess. If you have a great LT/Stage environment, it is easier to test or you can spin up a bunch of cloud servers in different DC from one of the public cloud providers to see if the load is evenly distributed.
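
An offline simulation of the stateless hash selection described in the answer above, added here as an example that is not part of the original thread: it compares keying on the source IP alone with keying on IP:port when many users sit behind a few Citrix hosts. The pool members, client addresses and the SHA-256 highest-random-weight scoring are assumptions standing in for BIG-IP's own CARP hash.

```python
import hashlib
from collections import Counter

# Constructed sample data (assumptions, not taken from the thread).
POOL = ["10.0.0.11:443", "10.0.0.12:443", "10.0.0.13:443", "10.0.0.14:443"]
CITRIX_HOSTS = ["192.0.2.10", "192.0.2.11"]  # many users share these source IPs


def carp_pick(key, members):
    """Highest-random-weight selection: score every member against the key
    and return the top scorer. No per-client state is kept anywhere."""
    def score(member):
        digest = hashlib.sha256(f"{key}|{member}".encode()).digest()
        return int.from_bytes(digest[:8], "big")
    return max(members, key=score)


def simulate(members, use_port, ports=range(49152, 50152)):
    """Count how many connections land on each member for the chosen key."""
    hits = Counter({m: 0 for m in members})
    for ip in CITRIX_HOSTS:
        for port in ports:
            key = f"{ip}:{port}" if use_port else ip
            hits[carp_pick(key, members)] += 1
    return hits


def spread(hits):
    """Ratio of busiest to least-busy member (inf if a member got nothing)."""
    low = min(hits.values())
    return float("inf") if low == 0 else max(hits.values()) / low


if __name__ == "__main__":
    for use_port in (False, True):
        hits = simulate(POOL, use_port)
        label = "ip:port" if use_port else "ip only"
        print(f"{label:8s} {dict(hits)} spread={spread(hits):.2f}")
```

Because the key includes the ephemeral source port, a new TCP connection from the same user can hash to a different member, so this spreads connections rather than pinning a user to one server.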