Forum Discussion

Ahsan_2380
Dec 23, 2008

Loadbalancing LDAP Servers

Hi,

We are using an F5 BIG-IP 6400, version 9.4.4.

We are load balancing 4 WebSphere servers with applications running on them. The applications are authenticated against an LDAP server.

The LDAP servers are also load balanced on the same BIG-IP.

Initially the servers were getting authenticated against the VIP of the LB and we could see the change in statistics as users logged in.

But now there are no such stats visible even when hundreds of users log in.

But when we check the logs on the LDAP server, it shows that there are connections from the WebSphere servers.

The logs on the LDAP server show that there are connections only from certain servers... maybe from server 1 or 3, and so on. It keeps changing.

So why is it not reflected in the stats of my VIP?

Is it because it is bypassing the VIP and going directly to the servers?

The LDAP servers don't have persistence enabled.

So when one of the LDAP servers goes down, it takes at least 10 minutes to get the WebSphere servers to the next LDAP server.

Any help... why is this happening?

1 Reply

  • You could add an iRule to the HTTP(S) and LDAP VIPs to log the connections or you could run tcpdump. Once you have an idea of the traffic flow, you could troubleshoot the slowness in the WebSphere connections being re-load balanced to a new member.

    If you have a monitor configured on the pool and a member goes down, you can configure LTM to send a TCP reset or reselect a new pool member. By default nothing is done, so the TCP connection would just time out. You can configure this behavior on the pool using the 'action on service down' option. Note that there was an issue with the reselect option in some versions (SOL8160).

    Aaron
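
As an added example (not part of Aaron's reply or of F5's documentation), a logging iRule of the kind suggested above could look like this when attached to the LDAP virtual server. The log wording and the variable names are illustrative choices; the events and commands are standard iRule ones.

```tcl
# Added example: connection logging for the LDAP virtual server.
# Each event writes one line to the LTM log (/var/log/ltm).

when CLIENT_ACCEPTED {
    # Client side of the connection: which host reached the VIP.
    set client "[IP::client_addr]:[TCP::client_port]"
    set vip "[IP::local_addr]:[TCP::local_port]"
    log local0. "LDAP VIP $vip: accepted connection from $client"
}

when LB_SELECTED {
    # Load balancing decision, made before the server-side connect.
    log local0. "LDAP VIP: $client load balanced to [LB::server addr]:[LB::server port]"
}

when SERVER_CONNECTED {
    # Server side of the connection is established to this pool member.
    log local0. "LDAP VIP: $client connected to member [IP::server_addr]:[TCP::server_port]"
}

when LB_FAILED {
    # No pool member could be selected or the selected member was unreachable.
    log local0. "LDAP VIP: $client could not be load balanced to any pool member"
}

when CLIENT_CLOSED {
    # Shows how long-lived the WebSphere LDAP connections are.
    log local0. "LDAP VIP: $client closed its connection"
}
```

If users are logging in and no "accepted connection" lines appear, the WebSphere servers are not connecting through the VIP. Long gaps between the accepted and closed lines for the same client indicate long-lived connections, which is where the 'action on service down' setting matters.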