--On Tuesday, July 21, 2009 4:51 PM -0400 "Clowser, Jeff" jeff_clowser@fanniemae.com wrote:
We've certainly seen that F5 load balancers cause problems just like your seeing when used with LDAP. They just slow things down way too much to be worthwhile.
Do you have any facts/numbers to back this up? I've never seen F5's slow things down noticably. The most common problem load balancers introduce are idle timeout mismatches (where the LB times out and drops an idle connection from it's table that the client and server don't know was dropped, so leave lots of orphaned connections hanging open on both sides, which in turn does cause problems - one of which could be performance). Trivial to fix with proper idle timeout configuration/coordination on the backend server and LB.
We've had F5's be the root of the problem with several clients who load balanced their LDAP servers, and pointed postfix at the F5 for delivery. They added just a few milliseconds of time to each LDAP query, but that was enough to completely back up their mail delivery system. Removing the F5 from the picture allowed mail to flow smoothly, no more problems.
--Quanah
--
Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration