Forum Discussion

Brian_Wright_21's avatar
Brian_Wright_21
Icon for Nimbostratus rankNimbostratus
Sep 24, 2015

F5 vserver and ping handling

I'm a bit new to the F5 and its underlying networking stack. So, I want to better understand how the F5 handles ping responses to a vserver versus how it handles load balancing of traffic.

 

Typically, in monitoring, I will ping a server to see if there is any latency on the network or device. However, since this is a load balancer, I'm not certain if my assumptions still hold true about pings received from an F5. My assumption is as follows...

 

I see a ~100ms ping response from a vserver. Is my assumption true that traffic destined to that vserver will suffer from the same 100ms latency seen in the ping? Or, is it false in only the ping itself is suffering from this latency due to prioritized ICMP traffic? I know that some devices can prioritize the responses for ICMP traffic differently from TCP or UDP traffic. I just don't know enough about the internals of packet handling to know if the ping latency is representative of the slowness that would be experienced by TCP traffic sent through that same vserver.

 

If anyone has any experience in this area, please let me know.

 

application delivery
availability
design
monitor
performance

1 Reply

Sort By
  • Hannes_Rapp's avatar
    Hannes_Rapp
    Icon for Nimbostratus rankNimbostratus
    Sep 24, 2015

    Your assumption is almost true, the 100ms of delay as you meassured is the ICMP Round Trip Time (RTT) for establishing a Clientside Connection (from your Ping Machine to BigIP Clientside Listener). As you may have heard, F5 is a Full Proxy device, therefore it's not all of the delay. On top of that, you will have to add the delay which comes from establishing the Serverside Connection (from BigIP to Pool Member Listener).

     

    In regards to prioritizing the production traffic over irrelevant pings and appliance management, that also holds true with BigIP. For instance, if you consume the appliance resource by extensive use of the Graphical User Interface, your management sessions will be disconnected before the impact hits real production traffic. With that said, in any LAN environment, network-level delay in excess of 100ms should never occur even for the non-production Ping tests. Is the Internet in between your Ping Machine and F5 clientside listener? Other than that, your appliance really has to be under a heavy load for that to happen.

     

    To monitor the true delay of your TCP or UDP application, I recommend to have a look around the DevCentral and try some of the logging iRules, either local appliance logging or remote syslog - whatever suits you better. There are a plenty of examples for both.