Forum Discussion

Tony_92768's avatar
Tony_92768
Icon for Nimbostratus rankNimbostratus
Aug 06, 2008

Load Balancing an Application Using Multiple Ports

First off, I searched the forums and did not find anything similar to what I am dealing with.

 

 

I am trying to set up load balancing for an application that utilizes multiple ports. By that, I mean the application is not FTP but behaves in a manner similar to passive mode FTP with the initial connection being made on TCP port "A" and a secondary connection being made on TCP port "B" where "B" is a single port in a defined range of ports.

 

 

Note - The application is not browser based.

 

 

The configuration I am considering involves two VIP's -

 

 

VIP1:A

 

Pool1

 

Node X:A

 

Node Y:A

 

 

VIP2:ANY

 

Pool2

 

Node X:ANY

 

Node Y:ANY

 

 

The problem is one of persistence across the two VIP's. If the initial connection on TCP port "A" comes in via VIP1 to Node X in Pool1, how can I guarantee the secondary connection gets sent to the Node X, and not Node Y, in Pool2 which is associated with VIP2?

 

 

Here's what I want:

 

 

VIP1 --> Pool1 --> Node X:A

 

VIP2 --> Pool2 --> Node X:B

 

 

Here's what I don't want since it will break the app:

 

 

VIP1 --> Pool1 --> Node X:A

 

VIP2 --> Pool2 --> Node Y:B

 

 

 

Does anyone have any suggestions/recommendations on how to approach this configuration? Will an iRule be able to handle the logic I need to maintain the persistence across VIP's? Remember, the application is not browser based so standard browser-centric approaches using cookies, profiles, etc., don't seem to apply - at least none that I've found.

 

 

Any assistance would be greatly appreciated.

 

 

Thanks,

 

 

Tony
application delivery
dev
devops
iRules

3 Replies

Sort By
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Aug 06, 2008
    Hi Tony,

     

     

    What criteria do you want to use to identify a client to persist? Is it source IP address or some component of the request headers or request data?

     

     

    If you just want to persist based on the source IP, you can create a custom source address persistence profile with "match across *" enabled (Click here). Add the same profile to both VIPs and you should be set.

     

     

    If you want to pick out something from the payload, you could collect it with TCP::collect and TCP::release commands (Click here) and then persist off of it using the persist command (Click here). This would add more complexity and overhead compared with source address persistence.

     

     

    If you have questions on either option let us know.

     

     

    Aaron
  • Nicolas_Menant's avatar
    Nicolas_Menant
    Icon for Employee rankEmployee
    Aug 06, 2008
    I agree with hoolio, activate the match across services and match accross virtual servers in a persistence profile would be the best option.

     

     

    I you can avoid to use an iRule it would be easier to maintain the box.
  • Tony_92768's avatar
    Tony_92768
    Icon for Nimbostratus rankNimbostratus
    Aug 06, 2008
    Aaron (hoolio),

     

     

    It's source address persistence that I'm after in this setup. Thanks for the link to SOL5837. I was aware of the various "Match Across *" check boxes on the source_addr persistence profile but have never seen a clear explanation (or example) of what each option meant.

     

     

    I will set up a custom profile and give it a whirl.

     

     

     

    nmenant,

     

     

    Thanks for your add-on comment/suggestion. As it turns out, both VIP1 and VIP2 will be the same IP address and, based on the examples described in SOL5837, I don't believe I'll need to check "Match Across Virtual Servers" in order to maintain the persistence I'm looking for.

     

     

    Thanks,

     

     

    Tony