Forum Discussion
NimbostratusTraffic over VS (https) is slower than servers directly
Hello,
I'm Using F5 Standard VIP, protocol https configured ass SSL offload (Termination) which means that I'm decrypting SSL packets on F5 Box & sending traffic to an http pool. Actually this configurations works fine, but We noticed that there's a speed issue. when trying to transfer files or download/upload directly using physical servers speed is ok. when using F5 LTM VIP, speed rate is very low (up to 50 x slower) Do you have any idea about how to diagnose that on F5 LTM, or if there's a parameter I can change on VIP configuration so that I can improve speed over VIP.
just to give you more informations: - I changed the LB method from Least connection (member) to Round robin - The application we're working on is a reverse proxy solution. - I tried these Protocol Profiles (client) : tcp-lan-optimized , tcp-wan-optimized. but I got the same result
thank you
12 Replies
Yann_DesmarestCirrus
Hello,
This is due to the Nagle algorithm in tcp-wan-optimized.
Please use tcp or tcp-lan-optimized.
Yazid_AbdesslamHello & thank you for prompt reply,
as mentioned in my question, I used these tcp profiles but still having a latency on ViP
I attach a capture showing difference between VS & physical Server
- Yazid_AbdesslamI tried with pool using different tcp port 7010 so servers actually listens on port 7010.
- Yann_DesmarestIn https, your browser try to check for revocation status of the server ssl certificate. Did you do your tests on a browser or through a command line like curl ?
- Yazid_AbdesslamYes, I tested in Firefox & Google Chrome Browsers. even Curl command shows the same latency. (about 4 to 5 seconds to display/download) but directly from server, that works fine (less than a seconde) regards, Yazid
Kishore_Kumar_2Just because you have mentioned using TCP-LAN and WAN optimized profiles, there is a feature called Nagle Algorithm which will wait the buffer size to be filled to forward the packets further, so in order to mitigate this issue - You will have to disable Nagle Algorithm to have latency issues answered.
http://searchnetworking.techtarget.com/definition/Nagles-algorithm
Sol 7405 Sol 7406
Nagle's AlgorithmDisabledWhen this setting is enabled, the BIG-IP system applies Nagle's algorithm to reduce the number of short segments on the network by holding data until the peer system acknowledges outstanding segments- Yazid_AbdesslamThank you Kishore, I verified the Tcp Profiles. Nagle's Algorithm is disabled on all of them. should I enable it so? BR.
- Yazid_Abdesslam
I simply use browser's developper tools "Network" Tab.
about interfaces : BigIP Side : Full Duplex 1000BaseT
Switch Core Side: Full Duplex Auto I just tried to force it to speed 1000 but same problem :( ..... you should also know that this Interface is used for other web applications, actual BigIP Throughput is 2Mbps (Limited at 6Gbps).
regards
- Yazid_Abdesslam
I simply use browser's developper tools "Network" Tab.
about interfaces : BigIP Side : Full Duplex 1000BaseT
Switch Core Side: Full Duplex Auto I just tried to force it to speed 1000 but same problem :( ..... you should also know that this Interface is used for other web applications, actual BigIP Throughput is 2Mbps (Limited at 6Gbps).
regards
- Stanislas_Piro2
Cumulonimbus
Hi,
to troubleshoot and identify what is causing latency, can you create a HTTP virtual server.
if you have the same issue with HTTP VS, you can search with TCP optimization and network issues.
if you have better performances without SSL, the issue may be caused by F5 or browser encrypt / decrypt process.
