Example for configuring a load balancer

This example describes the required setup of the F5 BIG-IP load balancer to work with PSM. Reference it when configuring your own load balancer.

The example was created using the BIG-IP (version 12.1.2 Build 0.0.249) web based GUI. This is often referred to as the TMUI - Traffic Management User Interface.

For our example, PSM is installed on Windows 2012 R2.

 

The following procedures contain a list of BIG-IP LTM configuration objects as well as any custom settings you should configure in this deployment scenario. Unless otherwise specified, settings that are not mentioned in the procedure, configure them as applicable for your environment.

Health monitors

Use the following procedure to create health monitors.

Create an RDS Health Monitor:

  1. Open the Main tab, select Local Traffic > Monitors .

  2. On the Monitor Lists page, click the Create button or the + button.

  3. On the New Monitor page, enter the following:

    Field

    Description

    Name

    Enter a unique name for the monitor.

    Type

    Select the TCP option from the list.

    Interval

    Enter 30 seconds

    Timeout

    Enter 91 seconds

    Send String

    Enter: \x03\x00\x00\x13\x0E\xE0\x00\x00\x00\x00\x00\x01\x00\x08\x00\x0b\x00\x00\x00

    Receive String

    • For Windows 2012 R2 enter:

      \x03\x00\x00\x13\x0E\xD0\x00\x00\x12\x34\x00\x02\x0f\x08\x00\x08\x00\x00\x00

    • For Windows 2016 enter:

      \x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x08\x00\x00\x00

Create a PSMHealth Monitor:

This example assumes that the PSM Health Check service is installed on the PSM machines and is configured to work in classic mode.

  1. Open the Main tab, select Local Traffic > Monitors .

  2. On the Monitor Lists page, click Create or the + button.

  3. On the New Monitor page, enter the following:

    Field

    Description

    Name

    Enter a unique name for the monitor.

    Type

    Select the HTTPS option from the list.

    Send String

    Enter GET /psm/api/health HTTP/1.1\r\nHost:\r\n\r\n

    Receive String

    Enter PASS

    Alias Service Port

    Select HTTPS from the list

 

In some BIG-IP versions, the health monitor fails to use the configured alias service port and instead passes the request to the pool member port. As a result, the pool member is marked as not available. This issue can be solved by installing a hotfix. For more information, see the F5 support.

Create a server pool with pool members

Create a pool of PSM servers with pool members. The pool identifies which PSM servers you want the virtual server to send client requests to. You can identify the PSM servers by their FQDNs instead of their IP addresses. In this way, the system automatically updates pool members whenever you make changes to their corresponding server IP addresses on your network.

Before you begin:

  • Verify that you have created the health monitors.

  • Decide on the IP addresses or FQDNs for the PSM servers that you want to include in your server pool.
  • If your system is using DHCP, make sure your DNS servers are not configured for round-robin DNS resolutions. Instead, they should be configured to return all available IP addresses in a resolution.

Create a server pool:

  1. Open the Main tab, select Local Traffic > Monitors .

  2. On the Monitor Lists page, click Create or the + button.

  3. On the New Monitor page, enter the following:

    1. Field

      Description

      Name

      Enter a unique name for the pool.

      Health Monitors

      Select a monitor for the list and move the monitor to the Active list.

      For details, see Health monitors

      Slow Ramp Time

      Enter 300 seconds.

      This field appears in Advanced configuration.

      Load Balancing Method

      1. Select Least Connection (Member)

      2. For the New Members setting, add each PSM server that you want to include in the pool.

      3. Select one of the following:

        • New Node. Enter a name for the node and the IP address for the PSM server.
        • New FQDN Node. Enter a name for the node and the FQDN for the PSM server.

        If you are using FQDNs instead of IP addresses, you should still enter at least one IP address to ensures that the system can find a pool member if a DNS server is not available.

      Service Port

      Enter 3389

      This is the default port For Remote Desktop Session Host deployments.

      Auto Populate

      If you are using FQDNs for the server names, then keep Auto populate Enabled.

      When you enable Auto Populate, the system creates an ephemeral node for each IP address returned as the result to a DNS query. In addition, when a DNS result shows that the IP address of an ephemeral node no longer exists, the system deletes the ephemeral node.

  4. Click Add.

  5. Repeat for each node.

  6. Click Finished.

TCP Profile

Create a TCP Profile:

  1. Open the Main tab, and select Local Traffic > Profiles > Protocols > TCP.

  2. On the TCP Profiles List page, click Create or the + button.
  3. On the New TCP Profile page, enter the following:

    Field

    Description

    Name

    Enter a unique name for the profile.

    Parent Profile

    Select tcp-wan-optimized or tcp-lan-optimized depending on where your clients are located.

    If you select tcp-wan-optimized, disable Nagle's Algorithm.

    Idle Timout

    Enter 1200

    Keep Alive Interval

    Enter 75

Virtual server

Before you create a virtual server, verify the following:

  • You created the pool to send traffic from this virtual server.

  • You created the TCP profile.

Create a virtual server

  1. Open the Main tab, and select Local Traffic > Virtual Servers .

  2. On the Virtual Servers page, click Create or the + button.
  3. On the New Virtual Server page, enter the following:

    Field

    Description

    Name

    Enter a unique name for the virtual server.

    The IP address for this field needs to be on the same subnet as the external self-IP address.

    Destination Address

    Enter the IP address in CIDR format.

    The supported format is address/prefix, where the prefix length is in bits.

    For example, an IPv4 address/prefix is 10.0.0.1 or 10.0.0.0/24.

    When you use an IPv4 address without specifying a prefix, the BIG-IP® system automatically uses a /32 prefix.

    Service Port

    Enter 3389

    This is the default port for Remote Desktop Session Host deployments.

    Protocol

    Select TCP from the list.

    Protocol Profile

    Select a profile from the list.

    SSL pass-through

    The SSL Profiles (Client and Server) fields are left empty.

    Source Address Transaltion

    Select AutoMap from the list.

    Resources

    From the Default Pool list, select the relevant pool name.