Manual Chapter : Load Balancing Passive Mode FTP Traffic with Data Channel Optimization

Applies To:

Show Versions Show Versions

BIG-IP LTM

  • 12.1.6, 12.1.5, 12.1.4, 12.1.3, 12.1.2, 12.1.1, 12.1.0
Manual Chapter

Load Balancing Passive Mode FTP Traffic with Data Channel Optimization

Overview: FTP passive mode load balancing with data channel optimization

You can set up the BIG-IP system to load balance passive mode FTP traffic, with optimization of both the FTP control channel and the data channel.

By default, the BIG-IP system optimizes FTP traffic for the control channel, according to the configuration settings in the default client and server TCP profiles assigned to the virtual server. When you use this particular implementation, you also configure the system to take advantage of those same TCP profile settings for the FTP data channel. This provides useful optimization of the data channel payload.

Task Summary for load balancing passive mode FTP traffic

You can perform these tasks to configure FTP passive mode load balancing that optimizes traffic on both the control channel and data channel.

Task list

Creating a custom FTP profile

You create a custom FTP profile when you want to fine-tune the way that the BIG-IP®system manages FTP traffic. This procedure creates an FTP profile and optimizes the way that the BIG-IP system manages traffic for the FTP data channel.
  1. On the Main tab, click Local Traffic > Profiles > Services > FTP .
    The FTP profile list screen opens.
  2. Click Create.
    The New FTP Profile screen opens.
  3. In the Name field, type a unique name for the profile.
  4. From the Parent Profile list, select the default ftp profile.
  5. Select the Custom check box.
  6. For the Inherit Parent Profile setting, select the check box.
    This optimizes data channel traffic.
  7. Click Finished.
The custom FTP profile now appears in the FTP profile list screen.

Creating a custom FTP monitor

An FTP monitor requires a user name and password, and the full path to the file to be downloaded.

Create a custom FTP monitor to verify passive mode File Transfer Protocol (FTP) traffic. The monitor attempts to download a specified file to the /var/tmp directory. If the file is retrieved, the check is successful.

Note: The BIG-IP® system does not save the downloaded file.
  1. On the Main tab, click Local Traffic > Monitors .
    The Monitor List screen opens.
  2. Click Create.
    The New Monitor screen opens.
  3. Type a name for the monitor in the Name field.
  4. From the Type list, select FTP.
    The screen refreshes, and displays the configuration options for the FTP monitor type.
  5. From the Import Monitor list, select an existing monitor.
    The new monitor inherits initial configuration values from the existing monitor.
  6. Type a number in the Interval field that indicates, in seconds, how frequently the system issues the monitor check. The default is 10 seconds.
  7. Type a number in the Timeout field that indicates, in seconds, how much time the target has to respond to the monitor check. The default is 31 seconds.
    If the target responds within the allotted time period, it is considered up. If the target does not respond within the time period, it is considered down.
  8. Type a name in the User Name field.
  9. Type a password in the Password field.
  10. Type the full path and file name of the file that the system attempts to download in the Path/Filename field.
    The health check is successful if the system can download the file.
  11. For the Mode setting, select one of the following data transfer process (DTP) modes.
    Option Description
    Passive The monitor sends a data transfer request to the FTP server. When the FTP server receives the request, the FTP server initiates and establishes the data connection.
    Port The monitor initiates and establishes the data connection with the FTP server.
  12. From the Configuration list, select Advanced.
    This selection makes it possible for you to modify additional default settings.
  13. From the Up Interval list, do one of the following:
    • Accept the default, Disabled, if you do not want to use the up interval.
    • Select Enabled, and specify how often you want the system to verify the health of a resource that is up.
  14. Type a number in the Time Until Up field that indicates the number of seconds to wait after a resource first responds correctly to the monitor before setting the resource to up.
    The default value is 0 (zero), which disables this option.
  15. Specify whether the system automatically enables the monitored resource, when the monitor check is successful, for Manual Resume.
    This setting applies only when the monitored resource has failed to respond to a monitor check.
    Option Description
    Yes The system does nothing when the monitor check succeeds, and you must manually enable the monitored resource.
    No The system automatically re-enables the monitored resource after the next successful monitor check.
  16. For the Alias Address setting, do one of the following:
    • Accept the *All Addresses default option.
    • Type an alias IP address for the monitor to verify, on behalf of the pools or pool members with which the monitor is associated.
    If the health check for the alias address is successful, the system marks all associated objects up. If the health check for the alias address is not successful, then the system marks all associated objects down.
  17. For the Alias Service Port setting, do one of the following:
    • Accept the *All Ports default option.
    • Select an alias port or service for the monitor to check, on behalf of the pools or pool members with which the monitor is associated.
    If the health check for the alias port or service is successful, the system marks all associated objects up. If the health check for the alias port or service is not successful, then the system marks all associated objects down.
  18. For the Debug setting, specify whether you want the system to collect and publish additional information and error messages for this monitor.
    You can use the log information to help diagnose and troubleshoot unsuccessful health checks. To view the log entries, see the System > Logs screens.
    Option Description
    Yes The system redirects error messages and other information to a log file created specifically for this monitor.
    No The system does not collect additional information or error messages related to this monitor. This is the default setting.
  19. Click Finished.
You can associate the new custom monitor with the pool that contains the FTP resources.

Creating a pool to manage FTP traffic

To load balance passive mode FTP traffic, you create a load balancing pool. When you create the pool, you assign the custom FTP monitor that you created in the previous task.
  1. On the Main tab, click Local Traffic > Pools .
    The Pool List screen opens.
  2. Click Create.
    The New Pool screen opens.
  3. In the Name field, type a unique name for the pool.
  4. For the Health Monitors setting, in the Available list, select a monitor type, and click << to move the monitor to the Active list.
    Tip: Hold the Shift or Ctrl key to select more than one monitor at a time.
  5. From the Priority Group Activation list, select Disabled.
  6. Add each resource that you want to include in the pool using the New Members setting:
    1. Type an IP address in the Address field.
    2. Type 21 in the Service Port field, or select FTP from the list.
    3. (Optional) Type a priority number in the Priority field.
    4. Click Add.
  7. Click Finished.
The pool to manage FTP traffic appears in the Pools list.

Creating a virtual server for FTP traffic

You can define a virtual server that references the FTP profile and the FTP pool.
  1. On the Main tab, click Local Traffic > Virtual Servers .
    The Virtual Server List screen opens.
  2. Click the Create button.
    The New Virtual Server screen opens.
  3. In the Name field, type a unique name for the virtual server.
  4. In the Destination Address/Mask field, type the IP address in CIDR format.
    The supported format is address/prefix, where the prefix length is in bits. For example, an IPv4 address/prefix is 10.0.0.1 or 10.0.0.0/24, and an IPv6 address/prefix is ffe1::0020/64 or 2001:ed8:77b5:2:10:10:100:42/64. When you use an IPv4 address without specifying a prefix, the BIG-IP® system automatically uses a /32 prefix.
    Note: The IP address you type must be available and not in the loopback network.
  5. In the Service Port field, type 21 or select FTP from the list.
  6. From the FTP Profile list, select the custom profile that you created earlier.
  7. Locate the Resources area of the screen; for the Related iRules setting, from the Available list, select the name of the iRule that you want to assign and move the name to the Enabled list.
    This setting applies to virtual servers that reference a profile for a data channel protocol, such as FTP or RTSP.
  8. In the Resources area of the screen, from the Default Pool list, select the relevant pool name.
  9. Click Finished.
The custom FTP virtual server appears in the Virtual Servers list.

Implementation result

A BIG-IP system with this configuration can process FTP traffic in passive mode, in a way that optimizes the traffic on both the control channel and the data channel. This optimization is based on the settings of the default client-side and server-side TCP profiles.