F5 Logo MyF5
Search
  1. MyF5 Home
  2. BIG-IP Local Traffic Manager: Implementations
  3. Load Balancing Passive Mode FTP Traffic
Manual Chapter : Load Balancing Passive Mode FTP Traffic

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 17.0.0

BIG-IP Link Controller

  • 17.0.0

BIG-IP Analytics

  • 17.0.0

BIG-IP LTM

  • 17.0.0

BIG-IP PEM

  • 17.0.0

BIG-IP AFM

  • 17.0.0

BIG-IP DNS

  • 17.0.0

BIG-IP ASM

  • 17.0.0
Manual Chapter

Load Balancing Passive Mode FTP Traffic

FTP passive mode load balancing

You can set up the BIG-IP system to load balance passive mode FTP traffic. You do this by using the default FTP profile. An
FTP profile
 determines the way that the BIG-IP system processes FTP traffic.
Additionally, you can create an iRule to apply to the FTP data channel. You apply the iRule to the data channel by assigning the iRule to the virtual server that you create.

Creating a custom FTP monitor

An FTP monitor requires a user name and password, and the full path to the file to be downloaded.
Create a custom FTP monitor to verify passive mode File Transfer Protocol (FTP) traffic. The monitor attempts to download a specified file to the
/var/tmp
 directory. If the file is retrieved, the verification is successful.
The BIG-IP system does not save the downloaded file.
  1. On the Main tab, click
    Local Traffic
    Monitors
    .
    The Monitors List screen opens.
  2. Click
    Create
    .
    The New Monitor screen opens.
  3. In the
    Name
     field, type a name for the monitor.
  4. From the
    Type
     list, select
    FTP
    .
    The screen refreshes, and displays the configuration options for the
    FTP
     monitor type.
  5. From the
    Import Monitor
     list, select an existing monitor.
    The new monitor inherits initial configuration values from the existing monitor.
  6. In the
    Interval
     field, type a number that indicates, in seconds, how frequently the system issues the monitor check. The default is
    10
     seconds.
    The frequency of a monitor check must be greater than the value of the global-level
    Heartbeat Interval
     setting. Otherwise, the monitor can acquire out-of-date data.
  7. In the
    Timeout
     field, type a number that indicates, in seconds, how much time the target has to respond to the monitor check. The default is
    31
     seconds.
    If the target responds within the allotted time period, it is considered up. If the target does not respond within the time period, it is considered down.
  8. Type a name in the
    User Name
     field.
  9. Type a password in the
    Password
     field.
  10. In the
    Path/Filename
     field, type the full path and file name of the file that the system attempts to download.
    The health check is successful if the system can download the file.
  11. For the
    Mode
     setting, select one of the following data transfer process (DTP) modes.
    Passive
    The monitor sends a data transfer request to the FTP server. When the FTP server receives the request, the FTP server initiates and establishes the data connection.
    Port
    The monitor initiates and establishes the data connection with the FTP server.
  12. From the
    Configuration
     list, select
    Advanced
    .
    This selection makes it possible for you to modify additional default settings.
  13. For the
    Up Interval
     setting, specify whether to use the up interval:
    • If you do not want to use the up interval, retain the default,
      Disabled
      .
    • To use the up interval, select
      Enabled
      , and specify how often you want the system to verify the health of a resource that is up.
  14. In the
    Time Until Up
     field, type a number that indicates the number of seconds to wait after a resource first responds correctly to the monitor before setting the resource to up.
    The default value is
    0
     (zero), which disables this option.
  15. For
    Manual Resume
    , specify whether the system automatically enables the monitored resource when the monitor check is successful.
    This setting applies only when the monitored resource has failed to respond to a monitor check.
    Yes
    The system does nothing when the monitor check succeeds, and you must manually enable the monitored resource.
    No
    The system automatically re-enables the monitored resource after the next successful monitor check.
  16. For the
    Alias Address
     setting, specify an alias IP address:
    • Retain the
      *All Addresses
       default option.
    • Type an alias IP address for the monitor to verify, on behalf of the pools or pool members with which the monitor is associated.
    If the health check for the alias address is successful, the system marks all associated objects
    up
    . If the health check for the alias address is not successful, then the system marks all associated objects
    down
    .
  17. For the
    Alias Service Port
     setting, specify an alias port or service for the monitor to check:
    • Accept the
      *All Ports
       default option.
    • Select an alias port or service for the monitor to check, on behalf of the pools or pool members with which the monitor is associated.
    If the health check for the alias port or service is successful, the system marks all associated objects up. If the health check for the alias port or service is not successful, then the system marks all associated objects down.
  18. For the
    Debug
     setting, specify whether you want the system to collect and publish additional information and error messages for this monitor.
    You can use the log information to help diagnose and troubleshoot unsuccessful health checks. To view the log entries, see the
    System
    Logs
    screens.
    Yes
    The system redirects error messages and other information to a log file created specifically for this monitor.
    No
    The system does not collect additional information or error messages related to this monitor. This is the default setting.
  19. Click
    Finished
    .
You can associate the new custom monitor with the pool that contains the FTP resources.

Creating a pool to manage FTP traffic

To load balance passive mode FTP traffic, you create a load balancing pool. When you create the pool, you assign the custom FTP monitor that you created in the previous task.
  1. On the Main tab, click
    Local Traffic
    Pools
    .
    The Pool List screen opens.
  2. Click
    Create
    .
    The New Pool screen opens.
  3. In the
    Name
     field, type a unique name for the pool.
  4. For the
    Health Monitors
     setting, in the
    Available
     list, select a monitor type, and click
    <<
     to move the monitor to the
    Active
     list.
    Hold the Shift or Ctrl key to select more than one monitor at a time.
  5. From the
    Priority Group Activation
     list, select
    Disabled
    .
  6. Add each resource that you want to include in the pool using the
    New Members
     setting:
    1. Type an IP address in the
      Address
       field.
    2. Type
      21
       in the
      Service Port
       field, or select
      FTP
       from the list.
    3. (Optional) Type a priority number in the
      Priority
       field.
    4. Click
      Add
      .
  7. Click
    Finished
    .

Creating a virtual server for FTP traffic

You can define a virtual server that references the FTP profile and the FTP pool.
  1. On the Main tab, click
    Local Traffic
    Virtual Servers
    .
    The Virtual Server List screen opens.
  2. Click
    Create
    .
    The New Virtual Server screen opens.
  3. In the
    Name
     field, type a unique name for the virtual server.
  4. For the
    Destination Address/Mask
     setting, confirm that the
    Host
     button is selected, and type the IP address in CIDR format.
    The supported format is address/prefix, where the prefix length is in bits. For example, an IPv4 address/prefix is
    10.0.0.1
     or
    10.0.0.0/24
    , and an IPv6 address/prefix is
    ffe1::0020/64
     or
    2001:ed8:77b5:2:10:10:100:42/64
    . When you use an IPv4 address without specifying a prefix, the BIG-IP system automatically uses a
    /32
     prefix.
    The IP address you type must be available and not in the loopback network.
  5. In the
    Service Port
     field, type
    21
     or select
    FTP
     from the list.
  6. For the
    FTP Profile
     setting, select the default profile,
    ftp
    .
  7. Locate the Resources area of the screen; for the
    Related iRules
     setting, from the
    Available
     list, select the name of the iRule that you want to assign and move the name to the
    Enabled
     list.
    This setting applies to virtual servers that reference a profile for a data channel protocol, such as FTP or RTSP.
  8. In the Resources area of the screen, from the
    Default Pool
     list, select the relevant pool name.
  9. Click
    Finished
    .
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information