Forum Discussion

Vic_13197's avatar
Vic_13197
Icon for Nimbostratus rankNimbostratus
Dec 01, 2010

Moving away from "load balancing" to application delivery

 

At my company, we purchased our LTMs to simply do load balancing. But since I took the F5 class, and reading here, it's obvious that we are barely using the features that these LTMs come up. The problem I have now, is in convincing our application team that we need to change our approach.

 

 

Currently, I'm being told that users aren't complaining about performance, and therefore we probably don't need to change anything. Can someone please point me to an article or help explain why it's important to start doing stuff at Layer 7 (even though "users aren't complaining)?

 

 

Thanks so much!

 

4 Replies

  • Are you at the very least using SSL offload?

     

     

    Is TCP-Multiplexing feasible for your environment? Application Delivery isn't just about improving user experience. Often, it's about making more efficient use of resources.
  •  

    Sounds like it's not an uncommon scenario... I'm one person against many who are already comfortable with the status quo. Currently we do no SSL offloading, and I'm working on trying to get that changed. All the TCP and other settings are essentially "default". Default TCP profile, Simple persistence...etc.

     

     

    Trying to figure out how to make the case so that they get excited about changing their ways.

     

  • Vic,

     

     

    I sometimes wish I had your problem. Here are the selling points and vectors.

     

     

    Know your customers! The app teams are usually the drivers and if you show them how much you can do for/with them they will likely see the light.

     

     

    Single threat surface that can be managed universally with updates and policies that can be quickly defined and tuned to fix or avoid costly security issues.

     

    How many times have they had an SSL cert expire without knowing ahead of time.

     

    Easy to do with LTM and braid dead easy with LTM and EM.

     

    Don't forget centralized authentication to all applications and the best thing is the end-user can't even reach the server until they are authorized so you again are more secure.

     

     

    Almost every outage that happens or delay in service I can show where it would have worked better or not even have happened with the proper LTM configuration in front of the application.

     

     

    Good health monitors that actually detect the application's worthiness to handle traffic are fundamental. With these and the LTM SNMP system you have a very close to real time picture of what's happened/or going to.

     

     

    Again, grass roots your passion and knowledge into the groups/people that can really see the benefits. Have more casual conversations with them and tease out their worst problems. Come back later and mention you have a solution or part of the solution with the technology you manage.

     

     

    Good luck.

     

     

  • Ditto what Matt said. I also am a former customer, and came to F5 for many of the same reasons. The switch from 1024->2048 will almost surely cost organizations $$$ who don't offload ssl. This is a good starting point for discussion with your management and server sys admins, find out where their plans are leading them to handle the additional processing.