Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Questions and Answers

Loading... Loading...

BIG-IP 9.4.4 Build 94.0 Hotfix HF3

We have some F5 Load balancers that are load balancing apache webservers and the traffic at the moment is pretty lightweight. However, we have introduced an application recently that allows users in the company to upload and download attachments (various sizes).

If we go direct to the apache's, the file speeds up or down are as you would expect. However, when going via our VIP/Pool, speeds are like being on a 10MB's half duplex network....very slow.

We have spent the day eliminating all the possible components, from SAN writing, server to server packet tracing, Database blob/clob writing speeds and are 99% sure that the problem lies within the F5.

Anyone got any experience of configuring the F5 to handle larger files sizes rather than small chunks of HTTP traffic. The F5 we have is pretty much out of the box in terms of TCP profiles/buffer sizes etc.

Your help and guidance is appreciated.

7 Answer(s):

What kind of times are you seeing direct versus through LTM? Are the interface(s) on LTM set to the correct speed/duplex? Have you tried the TCP lan optimized profile for client and server side TCP profiles on the virtual server? If you capture a tcpdump, do you see any glaring issues?

Times vary - going direct to an Apache or IIS server, we are seeing a download of 25MB of around 4-5 secs. When we put the same server behind and F5, more like 40-50 secs.

We have toy'ed with the TCP profiles. On some vip's changed some values and improved the speed to 20 secs...but its still not like for like.

Before we start playing around with the TCP profile, I wanted to clarify what I was doing on here to see if anyone had experienced similar. For all we know, we could improve larger file speeds - but degrade smaller!

I'll get my network people here to dump when I am downloading....as you said, there could be evidence here.

Many Thanks - Greg
Do you see any packet drop from "b interface show"? If yes, check the speed/duplex setting or try to change the cable.
YMMV, but I would try to disable Nagle's algorithm in the tcp profile settings - it may help (it depends on how the app works). I ran into an app just yesterday that was ~2x slower with Nagle's enabled. We disabled it and the performance was excellent.

We have seen this, especially downloading large files across a VPN connection, where going through the LTM was noticeably slower than going directly to the server.

For our situation, one thing we noticed was that the MSS is negotiated between the LTM and client at (something like) 1380 and was negotiated to 1480 between the LTM and web server. With large files, this caused the LTM to have to fragment each packet and significantly slowed down the overall download speed.

We enabled the "Proxy Maximum Segment" TCP Option which helped so that it is the same MSS on both sides of the connection and prevents fragmented packets.

Greg, did you find the solution? We ran into exactly the same issue and trying to resolve it now.

Hi Stas,

Take a look at some of the posts in this thread for ideas you can try to troubleshoot/resolve this. The first step would probably be to capture tcpdumps of the issue and analyse those. If you try these steps and they don't work, reply here or consider opening a case with F5 Support to get help.


Your answer:

You must be logged in to reply. You can login here.