Manual Chapter :
Load Balancing Passive Mode FTP Traffic with Data Channel Optimization
Applies To:
Show VersionsBIG-IP AAM
- 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0
BIG-IP APM
- 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0
BIG-IP Analytics
- 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0
BIG-IP Link Controller
- 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0
BIG-IP LTM
- 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0
BIG-IP PEM
- 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0
BIG-IP AFM
- 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0
BIG-IP DNS
- 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0
BIG-IP ASM
- 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0
Load Balancing Passive Mode FTP Traffic with Data Channel Optimization
Overview: FTP passive mode load balancing with data channel optimization
You can set up the BIG-IP system to load balance passive mode FTP
traffic, with optimization of both the FTP control channel and the data channel.
By default, the BIG-IP system optimizes FTP traffic for the control channel, according to the
configuration settings in the default client and server TCP profiles assigned to the virtual
server. When you use this particular implementation, you also configure the system to take
advantage of those same TCP profile settings for the FTP data channel. This provides useful
optimization of the data channel payload.
Task summary for load balancing passive mode FTP traffic
You can perform these tasks to configure FTP passive mode load balancing that optimizes traffic
on both the control channel and data channel.
Creating a custom FTP profile
You create a custom FTP profile when you want to fine-tune the way that the BIG-IPsystem manages FTP traffic. This procedure creates an FTP profile and optimizes the way that the BIG-IP system manages traffic for the FTP data channel.
- On the Main tab, click.The FTP profile list screen opens.
- ClickCreate.The New FTP Profile screen opens.
- In theNamefield, type a unique name for the profile.
- From theParent Profilelist, select the defaultftpprofile.
- Select theCustomcheck box.
- For theInherit Parent Profilesetting, select the check box.This optimizes data channel traffic.
- ClickFinished.
The custom FTP profile now appears in the FTP profile list screen.
Creating a custom FTP monitor
An FTP monitor requires a user name and password, and the full path to the file to
be downloaded.
The BIG-IP system does
not save the downloaded file.
Create a custom FTP monitor to verify passive mode File Transfer
Protocol (FTP) traffic. The monitor attempts to download a specified file to the
/var/tmp
directory. If the file is retrieved, the
verification is successful. The BIG-IP system does
not save the downloaded file.
- On the Main tab, click.The Monitors List screen opens.
- ClickCreate.The New Monitor screen opens.
- In theNamefield, type a name for the monitor.
- From theTypelist, selectFTP.The screen refreshes, and displays the configuration options for theFTPmonitor type.
- From theImport Monitorlist, select an existing monitor.The new monitor inherits initial configuration values from the existing monitor.
- In theIntervalfield, type a number that indicates, in seconds, how frequently the system issues the monitor check. The default is10seconds.The frequency of a monitor check must be greater than the value of the global-levelHeartbeat Intervalsetting. Otherwise, the monitor can acquire out-of-date data.
- In theTimeoutfield, type a number that indicates, in seconds, how much time the target has to respond to the monitor check. The default is31seconds.If the target responds within the allotted time period, it is considered up. If the target does not respond within the time period, it is considered down.
- Type a name in theUser Namefield.
- Type a password in thePasswordfield.
- In thePath/Filenamefield, type the full path and file name of the file that the system attempts to download.The health check is successful if the system can download the file.
- For theModesetting, select one of the following data transfer process (DTP) modes.PassiveThe monitor sends a data transfer request to the FTP server. When the FTP server receives the request, the FTP server initiates and establishes the data connection.PortThe monitor initiates and establishes the data connection with the FTP server.
- From theConfigurationlist, selectAdvanced.This selection makes it possible for you to modify additional default settings.
- For theUp Intervalsetting, specify whether to use the up interval:
- If you do not want to use the up interval, retain the default,Disabled.
- To use the up interval, selectEnabled, and specify how often you want the system to verify the health of a resource that is up.
- In theTime Until Upfield, type a number that indicates the number of seconds to wait after a resource first responds correctly to the monitor before setting the resource to up.The default value is0(zero), which disables this option.
- ForManual Resume, specify whether the system automatically enables the monitored resource when the monitor check is successful.This setting applies only when the monitored resource has failed to respond to a monitor check.YesThe system does nothing when the monitor check succeeds, and you must manually enable the monitored resource.NoThe system automatically re-enables the monitored resource after the next successful monitor check.
- For theAlias Addresssetting, specify an alias IP address:
- Retain the*All Addressesdefault option.
- Type an alias IP address for the monitor to verify, on behalf of the pools or pool members with which the monitor is associated.
If the health check for the alias address is successful, the system marks all associated objectsup. If the health check for the alias address is not successful, then the system marks all associated objectsdown. - For theAlias Service Portsetting, specify an alias port or service for the monitor to check:
- Accept the*All Portsdefault option.
- Select an alias port or service for the monitor to check, on behalf of the pools or pool members with which the monitor is associated.
If the health check for the alias port or service is successful, the system marks all associated objects up. If the health check for the alias port or service is not successful, then the system marks all associated objects down. - For theDebugsetting, specify whether you want the system to collect and publish additional information and error messages for this monitor.You can use the log information to help diagnose and troubleshoot unsuccessful health checks. To view the log entries, see thescreens.YesThe system redirects error messages and other information to a log file created specifically for this monitor.NoThe system does not collect additional information or error messages related to this monitor. This is the default setting.
- ClickFinished.
You can associate the new custom monitor with the pool that contains
the FTP resources.
Creating a pool to manage FTP traffic
To load balance passive mode FTP traffic, you create a load balancing pool. When
you create the pool, you assign the custom FTP monitor that you created in the previous
task.
- On the Main tab, click.The Pool List screen opens.
- ClickCreate.The New Pool screen opens.
- In theNamefield, type a unique name for the pool.
- For theHealth Monitorssetting, in theAvailablelist, select a monitor type, and click<<to move the monitor to theActivelist.Hold the Shift or Ctrl key to select more than one monitor at a time.
- From thePriority Group Activationlist, selectDisabled.
- Add each resource that you want to include in the pool using theNew Memberssetting:
- Type an IP address in theAddressfield.
- Type21in theService Portfield, or selectFTPfrom the list.
- (Optional) Type a priority number in thePriorityfield.
- ClickAdd.
- ClickFinished.
The pool to manage FTP traffic appears in the Pools list.
Creating a virtual server for FTP traffic
You can define a virtual server that references the FTP profile and the FTP pool.
- On the Main tab, click.The Virtual Server List screen opens.
- ClickCreate.The New Virtual Server screen opens.
- In theNamefield, type a unique name for the virtual server.
- For theDestination Address/Masksetting, confirm that theHostbutton is selected, and type the IP address in CIDR format.The supported format is address/prefix, where the prefix length is in bits. For example, an IPv4 address/prefix is10.0.0.1or10.0.0.0/24, and an IPv6 address/prefix isffe1::0020/64or2001:ed8:77b5:2:10:10:100:42/64. When you use an IPv4 address without specifying a prefix, the BIG-IP system automatically uses a/32prefix.The IP address you type must be available and not in the loopback network.
- In theService Portfield, type21or selectFTPfrom the list.
- From theFTP Profilelist, select the custom profile that you created earlier.
- Locate the Resources area of the screen; for theRelated iRulessetting, from theAvailablelist, select the name of the iRule that you want to assign and move the name to theEnabledlist.This setting applies to virtual servers that reference a profile for a data channel protocol, such as FTP or RTSP.
- In the Resources area of the screen, from theDefault Poollist, select the relevant pool name.
- ClickFinished.
The custom FTP virtual server appears in the Virtual Servers list.
Implementation result
A BIG-IP system with this configuration can process FTP traffic in passive mode, in a way that
optimizes the traffic on both the control channel and the data channel. This optimization is
based on the settings of the default client-side and server-side TCP profiles.