Basic F5 Big IP LTM Setup

IN THIS ARTICLE:

 

Overview

This article provides guidance in setting up F5 Big-IP LTM for FASP transfers. It provides general best practices in setting up F5 Big-IP Load balancer to provide proper configuration for FASP transfers. Some configurations will vary depending on the environment and use case. This is a general guideline and not to be used as a definitive guide.

Attached the end of this article is a PDF version of these guidelines.

 

Prerequisites

Existing Infrastructure

The assumption is that the F5 Big-IP LTM is setup properly and licensed accordingly to provide the functionality needed for FASP transfers.

Enterprise Server IP address

  • 10.128.20.10/24

  • 10.128.20.11/24

Product/Version used in this test

  • 2 x Aspera Enterprise Server 3.4.5 on Centos 6.6

  • Aspera Client 3.4.5 for Windows

  • F5 Big-IP 11.6.0 Build 0.0.401 VE Edition Final Running on ESX 5.5

  • Windows 8 Workstation

Warning: While using SNAT on your F5 Big IP LTM is supported, there may be certain disadvantages if you have particular requirements of your product. Some of the ways your products can be impacted include but are not limited to the following:
  • All the clients connecting to your Aspera product will be reported as coming from one IP address. For example, Console transfer reports and Faspex package downloads will show the IP address of the F5 rather than the individual IP addresses of clients. This makes accurate reporting and troubleshooting of problems difficult because you cannot tell where clients are coming from.
  • While not commonly used, your products will no longer support the Vlink bandwidth cap by peer IP address feature.

 

Infrastructure Setup

In this example we create a virtual server with IP 10.128.10.20/24 that will enable us to utilize the LB functionality of the F5 Big-IP to access the HA Aspera FASP transfer nodes. You can optionally use F5 to create http(s) VIPs to load balance the web application such as Faspex or Shares.

 

Creating http and https Pool and Virtual Server

Create a http and https Pool

Create 2 pools containing the two web Faspex/Shares servers, one for http and the other for https.

Open the Local Traffic > Pool > Pool List Page, and then click Create. Fill in the appropriate fields with the following:

Name

http_pool / https_pool

Health Monitors

tcp

Load Balancing Method

Least Connection (node)

Priority Group Activation

Disabled

New Members

(Click Add for each entry)

Node Name

Address

Service Port

leave empty

10.128.20.10

80 /443

leave empty

10.128.20.11

80 /443

 

 

Create TCP based Virtual Servers that Uses the http/https Pool

Open the Local Traffic> Virtual Servers > Virtual Server list page, and then click Create.  Fill in the appropriate fields with the following:

Name

vip_http/vip_https

Type

Standard

Destination Address

10.128.10.20

Service Port

80/443

State

Enabled

Protocol

TCP

Protocol Profile

tcp

Default Pool

http_pool/https_pool

Default Persistence Profile

source_addr

 

Creating FASP Pool and Virtual Server

Create a FASP Pool

Create a pool containing the two Enterprise transfer servers.

Open the Local Traffic > Pool > Pool List Page, and then click Create. Fill in the appropriate fields with the following:

Name

fasp_pool_33001

Health Monitors

tcp

Load Balancing Method

Least Connection (node)

Priority Group Activation

Disabled

New Members

(Click Add for each entry)

Node Name

Address

Service Port

leave empty

10.128.20.10

33001

leave empty

10.128.20.11

33001


Click Finished when done.

Create TCP based Virtual Server that Uses the Fasp Pool

Open the Local Traffic> Virtual Servers > Virtual Server list page, and then click Create. Fill in the appropriate fields with the following:

Name

vip_tcp_33001

Type

Standard

Destination Address

10.128.10.20

Service Port

33001

State

Enabled

Protocol

TCP

Protocol Profile

tcp-lan-optimized

Default Pool

fasp_pool_33001

Default Persistence Profile

source_addr

Click Finished when done.

Create UDP based Virtual Server that Uses the Fasp Pool

Open the Local Traffic> Virtual Servers > Virtual Server list page, and then click Create:

Name

vip_udp_33001

Type

Standard

Destination Address

10.128.10.20

Service Port

33001

State

Enabled

Protocol

UDP

Protocol Profile

udp

Default Pool

fasp_pool_33001

Default Persistence Profile

source_addr

Click Finished when done.

Update the source_addr Persistence configuration

Open Local Traffic> Profile: Persistence. Click on source_addr.

 

When you have completed all the steps above you should see something like this on the Bip-IP Virtual Server List:

 

Command line output of F5 Big-IP configuration

ltm virtual vip_http {
   destination 10.128.10.20:http
   ip-protocol tcp
   mask 255.255.255.255
   persist {
       source_addr {
           default yes
       }
   }
destination 10.128.10.20:http
   ip-protocol tcp
   mask 255.255.255.255
   persist {
       source_addr {
           default yes
       }
   }
   pool http_pool
   profiles {
       tcp { }
   }
   source 0.0.0.0/0
   vs-index 19
}

ltm virtual vip_https {
   destination 10.128.10.20:https
   ip-protocol tcp
   mask 255.255.255.255
   persist {
       source_addr {
           default yes
       }
   }

   pool https_pool
   profiles {
       tcp { }
   }
   source 0.0.0.0/0
   vs-index 20
}

ltm virtual vip_tcp_33001 {
   destination 10.128.10.20:33001
   ip-protocol tcp
   mask 255.255.255.255
   persist {
       source_addr {
           default yes
       }
   }

   pool fasp_pool_33001
   profiles {
       tcp-lan-optimized { }
   }

 

source 0.0.0.0/0
   vs-index 14
}

ltm virtual vip_udp_33001 {
   destination 10.128.10.20:33001
   ip-protocol udp
   mask 255.255.255.255
   persist {
       source_addr {
           default yes
       }
   }

   pool fasp_pool_33001
   profiles {
       udp { }
   }

   source 0.0.0.0/0
   vs-index 15

} ltm pool fasp_pool_33001 {
   load-balancing-mode least-connections-node
   members {
       10.128.20.10:33001 {
           address 10.128.20.10
           session monitor-enabled
           state up
       }

       10.128.20.11:33001 {
           address 10.128.20.11
           session monitor-enabled
           state up
       }
   }

   monitor tcp

}

ltm pool http_pool {
   load-balancing-mode least-connections-member
   members {
       10.128.20.10:http {
           address 10.128.20.10
           session monitor-enabled
           state up

       }

       10.128.20.11:http {
           address 10.128.20.11
           session monitor-enabled
           state up
       }
   }
   monitor tcp
}

ltm pool https_pool {
load-balancing-mode least-connections-node
   members {
       10.128.20.10:https {
           address 10.128.20.10
           session monitor-enabled
           state up
       }

       10.128.20.11:https {
           address 10.128.20.11
           session monitor-enabled
           state up
       }
   }
   monitor https
}

  

Summary 

This is a simple way to set up F5 Big-IP Load Balancer to work with Aspera Transfer products.

 

Attachments

Have more questions? Submit a request

0 Comments

Article is closed for comments.
Powered by Zendesk