ltm eviction-policy
ltm eviction-policy(1) BIG-IP TMSH Manual ltm eviction-policy(1)
NAME
eviction-policy - Configures eviction policies to determine when and how to terminate connections.
MODULE
ltm
SYNTAX
Configure the eviction-policy component within the ltm module using the syntax shown in the following sections.
CREATE/MODIFY
create eviction-policy [name]
modify eviction-policy [name]
options:
description [string]
app-service [[string] | none]
low-water [integer]
high-water [integer]
slow-flow {
enabled [true | false]
eviction-type [count | percent]
grace-period [integer]
maximum [integer]
threshold-bps [integer]
throttling [enabled | disabled]
}
strategies {
bias-bytes {
delay [integer]
enabled [true | false]
}
bias-idle {
enabled [true | false]
}
bias-oldest {
enabled [true | false]
}
low-priority-geographies {
countries [add | delete | modify | replace-all-with] {
[country-code] ...
}
enabled [true | false]
}
low-priority-port {
enabled [true | false]
ports [add | delete | modify | replace-all-with] {
[ [name] ] {
app-service [[string] | none]
port-number [name | integer]
protocol [any | sctp | tcp | udp]
} ...
}
}
low-priority-route-domain {
enabled [true | false]
names [add | delete | modify | replace-all-with] {
[ [route domain name] ] ...
}
}
low-priority-virtual-server {
enabled [true | false]
names [add | delete | modify | replace-all-with] {
[ [virtual server name] ] ...
}
}
}
DISPLAY
list eviction-policy
list eviction-policy [ [ [name] | [glob] | [regex] ] ...]
options:
all-properties
partition
show eviction-policy
show eviction-policy [ [ [name] | [glob] | [regex] ] ...]
options:
all-properties
default
DELETE
delete eviction-policy [name]
DESCRIPTION
You use the eviction policy to specify which flows to terminate when the connection limits for the box are approached. The
eviction policy contains strategies which select the flows to terminate. Additionally, the eviction policy defines
parameters used to determine when flows are considered to be slow. Slow flows are terminated according to the policy, even
when the Big-IP is not under duress and the connection limits are not approached.
When applied to the global context, the eviction policy low-water and high-water limits are with respect to memory
available on the Big-IP. When applied to a virtual server or a route domain, the limits are with respect to the connection
limit on the virtual server or route domain, respectively.
It is possible to monitor slow flows, accumulating metrics on the number of flows under the designated slow flow transfer
limit. To do so, enable slow-flows, but disable throttling on the slow flow.
Note: Monitoring or killing slow flows will incur a performance penalty.
Note: The strategies applied here work on a cyclic sweep of all connections on the Big-IP. These do not run at the
granularity to guarantee eviction of a particular flow or type of flow, but are statistical and opportunistic.
The bias-bytes algorithm attempts to select the flows that have sent and received the fewest bytes on the connection.
The bias-idle algorithm attempts to select the flows that have been idle the longest.
The bias-oldest algorithm attempts to select the oldest flows.
The low-priority-geographies algorithm selects flows that are in low-priority geographies according to the GeoIP database
loaded onto the box.
The low-priority-port algorithm selects flows that are in the provided list of low-priority ports and protocols.
The low-priority-route-domain algorithm selects flows that are in the provided list of low-priority route domains.
The low-priority-virtual-server algorithm selects flows that are in the provided list of low-priority virtual servers.
EXAMPLES
create eviction-policy my_eviction_policy { low-water 70 high-water 80 slow-flow { enabled true threshold-bps 50 throttling
disabled } strategies { bias-idle { enabled true } } }
Creates an eviction policy named my_eviction_policy, which accumulates statistics on the current number of slow flows but
does not terminate any flows that are considered slow. The bias-idle algorithm is used to kill flows when the limits on the
context are approached. The aggressive sweeper will activate at 80 percent of capacity, and deactivate when load is reduced
to 70 percent of capacity.
modify eviction-policy my_eviction_policy { strategies { low-priority-geographies { enabled true countries replace-all-with
{ AZ BZ } } } }
Modifies the eviction policy named my_eviction_policy, enabling the low-priority geography strategy and dropping flows from
Azerbaijan (AZ) and Belize (BZ).
delete eviction-policy my_eviction_policy
Deletes the eviction policy named my_eviction_policy.
OPTIONS
description
Provides a user-defined description for the policy.
app-service
Specifies the name of the application service to which the object belongs. The default value is none. Note: If the
strict-updates option is enabled on the application service that owns the object, you cannot modify or delete the
object. Only the application service can modify or delete the object.
low-water
Specifies the aggressive sweeper activation threshold as a percentage of total capacity. The allowable range is 50 -
100, and the low-water value must be lower than or equal to the high-water value. To disable killing flows when limits
are met or exceeded, set the low-water and high-water to 100 percent. Default value is 85 percent.
high-water
Specifies the target maximum load on the context. The adaptive reaper will be more aggressive as this limit is
approached. The allowable range is 50 - 100, and the high-water value must be higher than or equal to the low-water
value. To disable killing flows when limits are met or exceeded, set the low-water and high-water to 100 percent.
Defaults to 95 percent.
slow-flow
Specifies whether to monitor and possibly remove flows considered to be slow.
enabled
If true, the slow-flow monitoring and possible removal are activated. If false, the remaining slow-flow
attributes are unused. The default value is false.
eviction-type
Indicates whether the threshold is based on an absolute count of slow flows, or a percentage of the total flows
on the context where the eviction policy is applied. There is no default value.
grace-period
Specifies the minimum age of a slow flow before the flow is killed.
maximum
Provides the count or percentage at which slow flows will be killed. If eviction-type is count, this value is the
absolute number of slow flows allowed; if eviction-type is percent, this is the percentage of flows on the
context that are allowed to fall under the threshold-bps before being killed.
threshold-bps
Provides the threshold under which flows are considered to be slow, in bytes per second.
throttling
Indicates whether to kill flows that are considered slow. If set to enabled, flows that fall under the threshold-
bps are subject to being killed according to the defined maximum number of flows.
strategies
Defines the strategies to be used to select flows for eviction in the eviction policy.
bias-bytes
Defines how to use the bias-bytes eviction strategy.
delay
The delay allowed for new flows to transfer content, to prevent killing infant flows.
enabled
Specifies whether to use the bias-bytes algorithm. If false, the bias-bytes algorithm is not used. The
default value is false.
bias-idle
Defines how to use the bias-idle eviction strategy.
enabled
Specifies whether to use the bias-idle algorithm. If false, the bias-idle algorithm is not used. The default
value is false.
bias-oldest
Defines how to use the bias-oldest eviction strategy.
enabled
Specifies whether to use the bias-oldest algorithm. If false, the bias-oldest algorithm is not used. The
default value is false.
low-priority-geographies
Defines how to use the low-priority geographies eviction strategy.
countries
Provides a list of country codes considered low-priority candidates to evict, based on GeoIP information.
enabled
Specifies whether to use the low-priority-geographies algorithm. If false, the low-priority-geographies
algorithm is not used. The default value is false.
low-priority-port
Defines how to use the low-priority-port eviction strategy.
enabled
Specifies whether to use the low-priority-port algorithm. If false, the low-priority-port algorithm is not
used. The default value is false.
ports
Provides a list of ports considered low-priority candidates to evict.
app-service
Specifies the name of the application service to which the object belongs. The default value is none.
Note: If the strict-updates option is enabled on the application service that owns the object, you
cannot modify or delete the object. Only the application service can modify or delete the object.
port-number
Specifies the port number considered low-priority. The number provided can be either a number (e.g.,
80) or a name (e.g., http).
protocol
Specifies the protocol considered low-priority. The default value is any.
low-priority-route-domain
Defines how to use the low-priority-route-domain eviction strategy.
enabled
Specifies whether to use the low-priority-route-domain algorithm. If false, the low-priority-route-domain
algorithm is not used. The default value is false.
names
Specifies a list of route domain names considered to be low-priority candidates to evict.
low-priority-virtual-server
Defines how to use the low-priority-virtual-server eviction strategy.
enabled
Specifies whether to use the low-priority-virtual-server algorithm. If false, the low-priority-virtual-
server algorithm is not used. The default value is false.
names
Specifies a list of virtual server names considered to be low-priority candidates to evict.
SEE ALSO
create, delete, edit, list, modify, show, tmsh, regex, sys geoip
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or by any means, electronic or mechanical, including
photocopying, recording, or information storage and retrieval systems, for any purpose other than the purchaser's personal
use, without the express written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2010, 2012-2015. All rights reserved.
BIG-IP 2015-07-14 ltm eviction-policy(1)