Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

Drain Time

L7 Connection Drain Time is a feature used to help make the administration of your real servers more seamless. When you disable a real server, L7 Connection Drain Time will begin counting down from the specified time.

System Configuration > Miscellaneous Options > L7 Configuration  

During this process the Load Master will forward any new connections to the remaining servers in your cluster. Existing connections will continue relaying application data to a disabled server until that connection is terminated, or Drain Time time has expired and the Drop at Drain Time End checkbox is selected.

 

System Configuration > Miscellaneous Options > L7 Configuration > Drop at Drain Time End

Setting the L7 Connection Drain Time (secs) to ‘0’ will force all the connections to be dropped immediately when a Real Server is disabled

 

If "Drop at Drain Time End" is not checked, and a new connection is received, the first thing that is checked is whether persistence is enabled. If it is not, the connection is scheduled to a server which is enabled and healthy. If it is, the connection is checked to see if it matches an existing persistence record. If it does not, the connection is scheduled to a server which is enabled and healthy and a new persistence record is created. If the persistence record exists, the persistent server state is checked.

If the server is down, the persistence record is discarded, the connection is scheduled to an enabled and healthy server and a new persistence record is created. If the server is up, the connection is sent to the specified server and the persistence record is refreshed. If the server is disabled, we then check the service type.

If the service is operating at Layer 4, drain stop does not apply. In this case, the persistence record is discarded, the connection is scheduled to an enabled and healthy server and a new persistence record is created.

If the service is operating at Layer 7, we then check the "Connection Drain Time",  If the timer is not expired, the connection is sent to the specified server and the persistence record is refreshed. If the Drain Stop timer has expired, the persistence record is discarded, the connection is scheduled to an enabled and healthy server and a new persistence record is created.

In short, new TCP connections will be sent to disabled servers if:

- The service is operating at Layer 7.

- Persistence is on.

- A persistence record exists and is not expired.

- The persistence record specifies a server which is disabled.

- The Drain Stop timer has not expired.

 


Was this article helpful?
1 out of 1 found this helpful

Comments

Avatar

Clark taylor

Also I have read the below;
In short, new TCP connections will be sent to disabled servers if:

- Persistence is on.

- A persistence record exists and is not expired.

- The persistence record specifies a server which is disabled.

- The service is operating at Layer 7.

- The Drain Stop timer has not expired.

- The Drain Stop timer (currently) does not impact existing connections

Does this mean that for example if a server fails the health check, for the duration of the persistence time, users will be directed into a black hole until the persistence expires and the connection is refreshed?

Many thanks

Clark

0

Avatar

Permanently deleted user

Hello Clark,

If the server is down (failed health check), the persistence record is discarded, the connection is scheduled to an enabled and healthy server and a new persistence record is created.

0

Avatar

Security University of Bern

How about L4 VS changes/modifications?
"
If the service is operating at Layer 4, drain stop does not apply. In this case, the persistence record is discarded, the connection is scheduled to an enabled and healthy server and a new persistence record is create
"
It's not clear!
Does anything like this: https://www.haproxy.com/blog/truly-seamless-reloads-with-haproxy-no-more-hacks/
exist on the LoadMaster?

Regards
Florin

0

Avatar

Security University of Bern

0

Avatar

Mark Hoffmann

Hi Florin,

The article section you are mentioning above means that the connection draining feature described there does not apply to Layer 4 Virtual Services. There is one aspect of this on which I am not sure, however, and I'll look into this -- L4 clusters have a "Force L4" option. I am wondering whether if this check box is disabled, then the draining feature might apply. I will ask engineering and come back to you.

BTW, if I correctly understand those HAproxy articles you mentioned above, they are about seamless failover for high availability. They are not about seamless application of a virtual service change while the series is receiving traffic, which is what I believe you are discussing.

Cheers,

Mark

0