Re: [fw-wiz] External Load Balancing

From: John Hall (j.hall_at_f5.com)
Date: 01/08/05

  • Next message: Kevin: "Re: [fw-wiz] External Load Balancing"
    To: Warren Verbanec <Warren.Verbanec@resilience.com>
    Date: Fri, 07 Jan 2005 16:05:54 -0800
    
    

    Warren,

    I can't let that pass without comment. I'm no marketdroid but I've been
    somewhat involved with validating the performance numbers on some of our
    boxes, and while you're right that there are exceptions, it's generally
    a very simple equation. The smarter you want the LB to be, the slower
    it's going to process packets. With our current v9.x products, if you
    only want to do what Foundry (or most of the other vendors products) do,
    then we are quite competitive. If you turn on all the whiz-bang features
    (not available on the other boxes), then it's gonna slow down.

    When did you do the the IXIA testing you are basing your opinion upon and
    with which cards? We've worked with IXIA for the last two years getting
    their products to create *realistic* loads. Several years ago, many of
    the connections per second statistics were being produced using 1 byte
    payload packets, or even worse, broken TCP sessions with no data (ever
    heard of a three packet TCP session?), and we at F5 just don't expend
    a whole lot of energy making our boxes perform well for such broken
    and unrealistic tests. For reasonable packet sizes, our current generation
    is quite capable of filling a multiple gigabit pipe, even when performing
    some pretty advanced rewrites.

    My suggestion to the original poster would be to be sure they understand
    the characteristics of the load they need to balance and to pick two or
    three of the vendors already listed that seem capable of handling that
    load and fulfill their other requirements (price, service, etc), get
    test units and test it out. Be very wary of vendor suggestions to tailor
    your load profile in such a way as to make their product look better.

    Load balancing has turned into a pretty huge domain of functionality
    and the market is moving very fast! While I'm pretty proud of the
    breadth of functionality and performance of our boxes, I know that
    for some types of loads, there are probably better boxes out there.
    Be sure you are comparing apples to apples and make sure the tests
    you are basing your decision upon are representative of the actual
    load you need the box to handle.

    On a side note, I was very amused when one of our competitors announced
    a product that could do "500,000" sessions per second and which only
    had two 1 gigabit interfaces. Even assuming they could perfectly max
    out both interfaces, each "session" could comprise about 429 bytes,
    including headers and the 500,000 number only applied to unmonitored
    round-robin load balancing. Needless to say, the product has not
    shipped, and is unlikely to.

    By the way, doesn't Resilience ship their own high availability solution?

    Regards,
    JMH

    Warren Verbanec wrote:
    > Sweet Jeebus!- don't go with F5! Their performance numbers are nowhere near what they claim to be (in my experience). Just waaaay too many exceptions to the rule.
    >
    > I'm personally biased, as I've done a lot of work with F5 corporate, and had poor experiences across the board. But the numbers are the real reason why I don't recommend them- the IXIA doesn't lie!
    >
    >
    > I've had best results with Foundry. www.foundrynet.com/products/webswitches/serveriron/fwlb.html
    >
    > -Warren Verbanec
    > Resilience
    >

    -- 
    John Hall              Test Manager - Switch Team             F5 Networks, Inc.
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    

  • Next message: Kevin: "Re: [fw-wiz] External Load Balancing"