cancel
Showing results for 
Search instead for 
Did you mean: 

Load Balancing Not Happening for Pool Members of a Performance Layer VIP

Subrun
Cirrostratus
Cirrostratus

I configured a Virtual Server as Layer 4 VIP with Load Balancing method configured as "Least Connections".

 

IP Traffic Flow is as below :

 

Client on Different Subnet >> 2.2.2.2:8001 >> F5 with SNAT Automap >> 2.2.2.4, 5 :8001.

 

During Testing we have seen that connections is not load balanced within 3 pool members. It just goes to 1 node not distributed within 3 nodes. I believe traffic is initiated from One Source during testing. But even if traffic is generated from 1 Source it will generate multiple connections or it is sessions . How to distribute multiple connections/sessions even it is generated from 1 node ?

 

Interestingly if from Source Application it by force closes the connection ( attached application image ) new connections then distributed to 3 backend nodes behind F5.

 

Please advise what could be done to distribute the tarffic within all 3 backend nodes.

 

 

0691T000008GQE8QAO.jpg

10 REPLIES 10

cjunior
Nacreous
Nacreous

Hello,

Sorry for many questions, is there any persistence profile attached? Maybe an oneconnect profile?

Did you see both client and server connections closing?

Could you share you VS setup?

 

Regards.

Subrun
Cirrostratus
Cirrostratus

--- No Persistence Profile added to the Virtual Server Config. Do You think configuring persistence will help here ? What could be the logic based on the scenario I tried to explain.

 

--- Below is the Virtual Server Config

 

admin@(F5)(cfg-sync In Sync)(Active)(/Common)(tmos)# list ltm virtual VIRTUAL_SERVER

ltm virtual VIRTUAL_SERVER {

  creation-time 2019-12-05:16:13:14

  description "Supports VIRTUAL_SERVER "

  destination 10.8.106.52:vcom-tunnel

  ip-protocol tcp

  last-modified-time 2019-12-05:16:13:14

  mask 255.255.255.255

  pool VIRTUAL_SERVER _Pool

  profiles {

    fastL4 { }

  }

  source 0.0.0.0/0

  source-address-translation {

    type automap

  }

  translate-address enabled

  translate-port enabled

  vlans {

    vlan_3906

  }

  vlans-enabled

  vs-index 103

}

 

--- I did not check from CLI if connections are closing. How to see that ? tcpdump

 

cjunior
Nacreous
Nacreous

Hi, thanks for the information.

 

 Do You think configuring persistence will help here ?

Nope, the opposite. The persistence will try to sent traffic to server that are persisted, means that traffic will be balanced at first time for a specific criteria.

 

I did not check from CLI if connections are closing. How to see that ? tcpdump

Tcpdump should be a good option, plus, you can observe connections to all backend server by port 8001:

tmsh show sys connection ss-server-port 8001

https://support.f5.com/csp/article/K40033505

 

If you confirm that connections are closing and LB still fails, did you check the health for the pool members? All they are UP and ready to traffic?

 

Regards.

Simon_Blakely
F5 Employee
F5 Employee

You have a Fast-L4 virtual. This is TCP connection oriented, so there is only one load-balancing decision made per TCP connection.

 

As per your screenshot of the back-end service, it allows long-lived TCP connections that will accept multiple HTTP requests on that single connection.

If you disable that option, then the TCP connection is closed after each HTTP request, and you get your expected request distribution.

 

If you want per-Request distribution, then you need a Standard Virtual (not Fast-L4) with an HTTP profile and a OneConnect profile to ensure per-Request load-balancing decisions.

Screenshot you see I attached , if that Yellow Marked Option is selected then I see connections are distributed within backend servers. If that option is not selected I see 1 single connection ( TCP Connection ) to Only 1 node. Screenshot says HTTP Connection I am not sure if that means TCP Connection or HTTP Connection. Confused actually.

 

Assuming in the screenshot it meant TCP Connection , how does that work for HTTP Traffic once TCP Connection is closed. Sorry for my knowledge limitation.

HTTP request/responses are (currently) passed over a TCP connection.

 

A HTTP client (browser) can open a TCP connection, send an HTTP request, wait for the HTTP response, and then close the TCP connection.

 

More commonly, the HTTP client will open a TCP connection, send an HTTP request, wait for the HTTP response, send another HTTP request, wait for the HTTP response, and then eventually close the TCP connection. This is called HTTP Keep-alive or HTTP persistent connection.

 

The highlighted SoapUI option Close connection after request is actually referring to closing the TCP connection after the HTTP response, disabling HTTP persistent connection.

 

 

Hello,

Can you explain why do we need One Connect Profile ? in this situation ?

A OneConnect profile works with the HTTP profile, and when there is an HTTP Request/Response, it detaches the server-side connection from the client-side connection. Then, when the client makes a new HTTP Request, there is a new load-balancing decision for a pool member. If a pool member is selected that already has a server-side connection, that connection is reused, otherwise a new server-side connection is created.

 

This is not only more efficient, but is ensures that each HTTP Request has a load-balancing decision - without the One-Connect profile (or an irule that does a LB::detach on HTTP_RESPONSE) then there will still only be a load-balancing decision on the first request.

For my scenario , If I create a Standard Virtual Server ( Not L4 ) and do not create a One Connect Profile , it does not load balance the traffic ? Just to give an idea regarding client there are 3/4 clients will be making thousands of connections to this VIP.

 

Reason I ask is trying to clear the justification to create a Standard Virtual Sever with and Without OneConnect Profile based on my scenario.

> For my scenario , If I create a Standard Virtual Server ( Not L4 ) and do not create a One Connect Profile , it does not load balance the traffic ? Just to give an idea regarding client there are 3/4 clients will be making thousands of connections to this VIP.

 

You have to distinguish between connections and requests - the Standard Virtual Server will load-balance connections, but not requests.

 

The One-Connect profile in conjunction with an HTTP Profile will load-balance requests.