Passive FTP session load balancing from the same client

Question

I have a situation that I cannot figure out and I need some help.  I have a virtual server set up for passive FTP load balancing to a pool of four members.  &nbsp;
Right now it is set up as Performance (Layer 4), TCP and a service port of 0.&nbsp;
I have source-address-translation set to automap and a protocol profile of fastL4 with a 3600 second timeout.&nbsp;
I have source_addr persistence with Mirror Persistence, Match across Services, and Match Across Virtual Servers all checked. &nbsp;
There is also an iRule on there that looks like this to only accept the 50000-50020 and port 21 range.&nbsp;
Right now there is really only one client FTPing in and doing gets over four sessions.  The problem I have is I would like to see each of his sessions load balanced to a different server in the pool.  Can I do this?  And how would I do it?&nbsp;
when CLIENT_ACCEPTED {&nbsp;
if {([TCP::local_port] &gt;= 50000 &amp;&amp; [TCP::local_port] &lt;= 50020) || [TCP::local_port] == 21} {
   } else {
      drop
   }
}&nbsp;

kridsana · Answer

From my understanding.&nbsp;
If you use persistence, you can't load balance across pool member (F5 will send to only one member)&nbsp;
Can you just remove persistence profile from virtual server ? Is FTP working properly if remove it?&nbsp;

nitass · Answer

without ftp profile, bigip does not relate control and data channels together. now, both control and data channels are sent to the same server because of source address persistence. since there is only one client but multiple sessions, you cannot load balance ftp sessions.&nbsp;
to make it, i understand you need ftp profile and source address persistence should not be needed.&nbsp;

nitass_89166 · Answer

without ftp profile, bigip does not relate control and data channels together. now, both control and data channels are sent to the same server because of source address persistence. since there is only one client but multiple sessions, you cannot load balance ftp sessions.&nbsp;
to make it, i understand you need ftp profile and source address persistence should not be needed.&nbsp;

giltjr · Answer

I don't think you are going to be able to load balance the data connections.  Unless you have some magic FTP server the data connection must go back to the same server that the control connection is on.&nbsp;
When doing passive FTP the server opens a port to do the data transfer on and then tells the client what port it opened.  The client the connects to that port.  So if the control connection is to server 1 it will open the port for the data transfer, if you try to send the inbound request from the client to server 2, server 2 will not know anything about that port.&nbsp;

chris_grabill_2 · Answer

So if I change this to 21 source port and an FTP profile I don't need source_addr persistence?  Then each session will load balance to the next server?  I would think you need the source address persistence to keep the data and control channels together.

Forum Discussion

Passive FTP session load balancing from the same client

8 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

Especial Load Balancing Active-Passive Scenario (I)

Especial Load Balancing Active-Passive Scenario (II)

NGINX Load balancing feature

Re: NGINX for Azure: Load Balancing

Deploying F5 BIG-IP with Azure Cross-region load balancer