Forum Discussion

Gudmo_34348's avatar
Gudmo_34348
Icon for Nimbostratus rankNimbostratus
Mar 01, 2007

Loadbalancing multiport applications

I'm new to iRules or F5 altogether for that matter.

 

 

I'm trying to loadbalance an application,

 

I will have 4 servers running the application and each instance runs with two ports open.

 

 

My question is.

 

How can I guarentee persistance so that the client that connects to the

 

application on one port connects to the same server on the other port?

 

 

Client ----> F5:9000 ---> ServerA:9000

 

 

Then he uses another feature in it's client framework and needs to connect to the

 

other port on ServerA Client ----> F5:9001 ---> ServerA:9001..

 

 

But I'm unsure what persistance iRule to use as I don't understand it's syntax.

 

 

Cany anyone help me with this dilemma?

7 Replies

  • The problem is that the application in question uses 2 standard ports, not just the one.

     

    So when a client connects he always uses port A, but certain actions within the client use port B.

     

     

    The authentication and session of the user will not function unless he connects to the same server when he adds the Port B connection, or C or D for that matter.

     

     

    In my case I have 2 physical servers each running 2 binaries that present the application layer, each of these binaries run on 2 ports.

     

     

    I'll try to draw a simple ascii of this

     

     

    Node A

     

    App 1App2

     

    Port 1aPort 1bPort 2aPort 2b

     

     

    Each port represents a seperate pool and a seperate VS.

     

    So in this case I have 4 Pools and 4 VS for each Node.

     

     

    I'm pretty sure that Matching VS will not work as the ports are on different VSs.

     

    Neither will matching across pools because of the same issue, not sure about matching

     

    across services or what that does.

     

     

    I've tried to use the Source Address and Destination address methods but those don't

     

    really work all too well with the applications so I assume I will need something custom,

     

    like an iRule to make the connections "Match Across Nodes" so to speak.

     

     

    In as short as possible.

     

    It would be best that if a client connects into any 1 port, any other port connections that

     

    client makes after that always go to the same node he connected to first.

     

     

    Hope that clears up any confusion I may have created with my first post (Not really sure what

     

    I'm doing so I'm a little confused myself)

     

  • If you want to use separate, single port virtual servers and pools for each port (aka "service") and have persistence across all of them, you'd want to use one custom source address persistence profile attached to all of the virtual servers, with match across virtuals, match across pools and match across services all enabled on the profile.

     

     

    You shouldn't need a rule for this. You can check the config guide on AskF5 for details on the persistence profile options.

     

     

    Aaron
  • I did try that, but I think I need a rule for this as one of the binaries in question doesn't work when using source address persistance.
  • Marcus_Slawik_8's avatar
    Marcus_Slawik_8
    Historic F5 Account
    Gudmo, did you test with a vs:* already? does this one work, or don't you want to go that way at all?
  • If you tested using source persistence with all three "match across ..." options enabled, I'd expect the client would be persisted to the same node regardless of which service the request was made over.

     

     

    Before trying to write an iRule, I'd suggest troubleshooting the existing failure to make sure you understand what's happening. If you did write an iRule to mimic the persistence behavior, you might end up in the current situation but having taken a longer route.

     

     

    You can use the 'b persist show all' command to view the existing persistence records. If you have any questions on troubleshooting the issue, try contacting F5's support group.

     

     

    Aaron
  • we've seen numerous bugs with "match across services," both with cookie insert and with source-addr persist.

     

     

    the only way we got this config to work was to use cookie insert, and an all-services pool.

     

    both single port virtuals bind the same pool. drawback is you can't do port-remapping with this scenario.

     

     

    very consistent perf now, with no performance killing irules.

     

     

    FWIW,

     

    psf