Re: External Load Balancing

[John Hall <j.hall () f5 com>]

Warren,

I can't let that pass without comment.  I'm no marketdroid but I've been
somewhat involved with validating the performance numbers on some of our
boxes, and while you're right that there are exceptions, it's generally
a very simple equation.  The smarter you want the LB to be, the slower
it's going to process packets.  With our current v9.x products, if you
only want to do what Foundry (or most of the other vendors products) do,
then we are quite competitive.  If you turn on all the whiz-bang features
(not available on the other boxes), then it's gonna slow down.

When did you do the the IXIA testing you are basing your opinion upon and
with which cards?  We've worked with IXIA for the last two years getting
their products to create *realistic* loads.  Several years ago, many of
the connections per second statistics were being produced using 1 byte
payload packets, or even worse, broken TCP sessions with no data (ever
heard of a three packet TCP session?), and we at F5 just don't expend
a whole lot of energy making our boxes perform well for such broken
and unrealistic tests.  For reasonable packet sizes, our current generation
is quite capable of filling a multiple gigabit pipe, even when performing
some pretty advanced rewrites.

My suggestion to the original poster would be to be sure they understand
the characteristics of the load they need to balance and to pick two or
three of the vendors already listed that seem capable of handling that
load and fulfill their other requirements (price, service, etc), get
test units and test it out.  Be very wary of vendor suggestions to tailor
your load profile in such a way as to make their product look better.

Load balancing has turned into a pretty huge domain of functionality
and the market is moving very fast!  While I'm pretty proud of the
breadth of functionality and performance of our boxes, I know that
for some types of loads, there are probably better boxes out there.
Be sure you are comparing apples to apples and make sure the tests
you are basing your decision upon are representative of the actual
load you need the box to handle.

On a side note, I was very amused when one of our competitors announced
a product that could do "500,000" sessions per second and which only
had two 1 gigabit interfaces.  Even assuming they could perfectly max
out both interfaces, each "session" could comprise about 429 bytes,
including headers and the 500,000 number only applied to unmonitored
round-robin load balancing.  Needless to say, the product has not
shipped, and is unlikely to.

By the way, doesn't Resilience ship their own high availability solution?

Regards,
JMH


Warren Verbanec wrote:
> Sweet Jeebus!- don't go with F5! Their performance numbers are nowhere near what they claim to be (in my experience). 
> Just waaaay too many exceptions to the rule.
>
> I'm personally biased, as I've done a lot of work with F5 corporate, and had poor experiences across the board. But the numbers are the real reason why I don't recommend them- the IXIA doesn't lie! 
>
>
> I've had best results with Foundry. www.foundrynet.com/products/webswitches/serveriron/fwlb.html
>
> -Warren Verbanec
> Resilience

--
John Hall              Test Manager - Switch Team             F5 Networks, Inc.
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards