Forum Discussion

pagema1_69881's avatar
pagema1_69881
Icon for Nimbostratus rankNimbostratus
Mar 08, 2010

Very Slow Application performance behind F5

We have one application that performs very poorly behind F5. There is a 9 second delay on the initial GET request going through the VIP. If we bypass the F5 to the servers directly there is no delay. Wireshark shows a lot of reassembled PDU's. I'm no guru with captures so I'm not sure what this means. Here is our setup:

 

 

SSL Offloading VIP.

 

one http pool with 2 members.

 

TCP lan/wan Optimized profiles on VIP, with one connect profile.

 

We are using SNAT

 

We tried disabling Nagle's, no effect

 

Tried enabling proxy max segment, no effect

 

tried going thru F5 using HTTP only, no effect

 

 

If we connect to the servers directly that 9 second initial delay vanishes.

 

No packet loss on NIC's.

 

Switch is set to 100MB Full as are F5 Nics.

 

2 HA LTM 3400 vers 10.0.1.

 

 

We do have a case open with support but they have not been able to identify the issue within our TCP Dumps. Has anyone seen this type of delay only on the initial GET Request? Any tips on improving performance? Our other applications behind F5 don't have this delay.

 

 

Thanks,

 

Marc
config
design
  • Joel_Moses's avatar
    Joel_Moses
    Icon for Nimbostratus rankNimbostratus
    Mar 11, 2010
    Gosh, I don't know if I'd call myself a Windows guru. I spend a lot of my time trying to avoid it!
  • pagema1_69881's avatar
    pagema1_69881
    Icon for Nimbostratus rankNimbostratus
    Mar 11, 2010
    Thanks for all of this information. I can't tell you how happy our network team and development teams are now that this is no longer an issue. For us, our BIGIP's are constantly blamed whenever a performance issue arises that can't be explained. It is an easy scapegoat and this helps to show that the LTM's continue to be the beasts they are. Thanks gain for all this info. In our case we don't need the net bios and the environment is performing like a champ.

     

    Thanks,

     

    Marc
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    May 18, 2010
    I just ran into this with a customer implementation today so thanks everyone for the info on NetBios.

     

     

    It was a bit of a pain to troubleshoot as the customer kept telling me that the application worked perfectly from the console. They were also doing reverse DNS lookups on client IP addresses for every login attempt which timed out after 30 seconds... oye.

     

     

    Aaron