Forum Discussion

ales_2527's avatar
ales_2527
Icon for Nimbostratus rankNimbostratus
Dec 17, 2007

enabling/disabling node/member takes a lot of time

Hi,

 

 

I have to SNMP-trap receivers in a pool behind F5 bigip.

 

If I disable one node or pool member, traps are still coming for a minute or two. Sometimes even up to 10minutes or more, depends on how much SNMP traps I am generating while I wait for change.

 

If I leave it alone (not generating SNMP traps) it takes about a minute or two. In real life scenario SNMP traps would be at much higher constant rate.

 

 

It's UDP so there shouldn't be any level 3 logic involved behind, so why does it take so long to reload config which is written immediately (to bigip.conf and bigip_local.conf?

 

 

On other hand if a monitor fails, the takeover takes place immediately (as in specified timeout).

 

 

Config:

 

 

virtual address 192.168.1.80 {

 

floating disable

 

unit 0

 

}

 

virtual trap_vs {

 

destination 192.168.1.80:snmptrap

 

ip protocol udp

 

translate address disable

 

translate service disable

 

pool TRAP_pool

 

 

pool TRAP_pool {

 

lb method member ratio

 

action on svcdown reselect

 

snat disable

 

nat disable

 

monitor all gateway_icmp and Trap_port_opened and nms_database

 

member 192.168.1.7:snmptrap

 

member 192.168.1.8:snmptrap

 

management
monitoring

3 Replies

Sort By
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Dec 31, 2007
    I would guess that enabling 'LB datagram' on the UDP profile for this virtual server would fix this. With this option disabled (as it is by default), LTM considers UDP packets coming from the same source IP and port as part of a 'connection'. So when you disable a node, 'persistent connections' will still be allowed.

     

     

    SOL7535 (Click here) states:

     

     

     

    The Datagram LB option, which is disabled by default, specifies that the system load balances UDP traffic packet-by-packet and does not treat UDP packets from the same source and port as part of a connection. This setting overrides the default behavior of the UDP profile. The following option is available in BIG-IP LTM version 9.4 and later.

     

     

     

     

    I'm fairly certain this option has been around for much longer than 9.4. SOL3605 (Click here) states it was added in 9.0.3.

     

     

    Aaron
  • Deb_Allen_18's avatar
    Deb_Allen_18
    Historic F5 Account
    Jan 17, 2008
    Thanks for catching that, hoolio.

     

     

    It could be that this statement in SOL7535 truly does apply to the next item in the table (Allow No Payload), rather than to Datagram LB: "The following option is available in BIG-IP LTM version 9.4 and later."

     

     

    I've opened a Support case to have both solutions reviewed for accuracy.

     

     

    /deb