Forum Discussion

mr_skater99_640's avatar
mr_skater99_640
Icon for Nimbostratus rankNimbostratus
Aug 06, 2009

Persistence Questions

Hi all,

 

 

We have a v9.3.x BigIP sitting in front of two LDAP's (specifically Sun Directory Server), as part of an Sun OpenSSO deployment.

 

 

The documentation which is out of date (http://docs.sun.com/app/docs/doc/820-5985/gfoaa?l=en&q=opensso&a=view) says to set the pool persistence to "simple" with a time out of 300 seconds.

 

 

Our networks guys have promptly told me that the persistence is now set per VIP - cool, no problems with that.

 

 

But also that the "Simple" persistence setting doesn't exist on our BigIP's.

 

 

They've suggest the "SIP" profile - but can't tell me exactly what that persistence profile does.

 

 

Can someone make a suggestion around what we should be using in terms of persistence? We are looking for the BigIP to persist per TCP connection. Maybe this is the default behaviour??

 

 

From what I understand LDAP connections are long lived and reused for multiple requests. We have replication going on between the SDS boxes, and so want to make sure that all the requests in a connection go to the one SDS so they aren't trying to replicate as much, compared to if each request was going to a different box.

 

 

As a footnote though - if a connection is persisted to one of the boxes in the pool - and that box dies - does the F5 reset the persistence and pass that request over to one of the other boxes in the pool (transparently to the box that made the request)? The network guys seem to think it will just drop the rest of that connection (potentially reset it).

 

 

Thanks!

 

 

config
design

3 Replies

Sort By
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Aug 06, 2009
    Hi,

     

     

    Simple persistence is now known as source address persistence or source address affinity. Using source address persistence, requests from the same client IP address (or subnet) are persisted to the same server.

     

     

    If LTM marks a pool member down, the pool's setting for 'action on service down' is used. You can check the online help for details for the option:

     

     

     

    Action on Service Down

     

     

    Specifies how the system should respond when the target pool member becomes unavailable. The default is None.

     

     

    * None: Specifies that the system does not select a different node. Selecting None causes the system to send traffic to the node even if it is down, until the next health check is done.

     

    * Reject: Specifies that the system sends an RST or ICMP message.

     

    * Drop: Specifies that the system simply cleans up the connection.

     

    * Reselect: Specifies that the system selects a different node. Selecting Reselect causes the system to send traffic to a different node after receiving the message that the original node is down.

     

     

     

     

    Aaron
  • mr_skater99_640's avatar
    mr_skater99_640
    Icon for Nimbostratus rankNimbostratus
    Aug 06, 2009
    Thanks for the reply!

     

     

    Am I reading that right, in that if left to 'none' (default), and I am sending traffic to box 1 in the pool (and stuck to that box because of source address persistence), and box 1 goes down - all my requests are then dropped???

     

     

    Seems strange for default behaviour - I'd expect it to just 'fail over' or reselect another pool member.

     

     

    Of course I could be reading that wrong...
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Aug 06, 2009
    The default behavior is to do nothing for the existing TCP connections and stop selecting the down server for future requests (whether there is a current persistence record or not). I guess there isn't another option that would make sense for all protocols and applications.

     

     

    Aaron