ltm eviction-policy
ltm eviction-policy(1) BIG-IP TMSH Manual ltm eviction-policy(1)
NAME
eviction-policy - Configures eviction policies to determine when and
how to terminate connections.
MODULE
ltm
SYNTAX
Configure the eviction-policy component within the ltm module using the
syntax shown in the following sections.
CREATE/MODIFY
create eviction-policy [name]
modify eviction-policy [name]
options:
description [string]
app-service [[string] | none]
low-water [integer]
high-water [integer]
slow-flow {
enabled [true | false]
eviction-type [count | percent]
grace-period [integer]
maximum [integer]
threshold-bps [integer]
throttling [enabled | disabled]
}
strategies {
bias-bytes {
delay [integer]
enabled [true | false]
}
bias-idle {
enabled [true | false]
}
bias-oldest {
enabled [true | false]
}
low-priority-geographies {
countries [add | delete | modify | replace-all-with] {
[country-code] ...
}
enabled [true | false]
}
low-priority-port {
enabled [true | false]
ports [add | delete | modify | replace-all-with] {
[ [name] ] {
app-service [[string] | none]
port-number [name | integer]
protocol [any | sctp | tcp | udp]
} ...
}
}
low-priority-route-domain {
enabled [true | false]
names [add | delete | modify | replace-all-with] {
[ [route domain name] ] ...
}
}
low-priority-virtual-server {
enabled [true | false]
names [add | delete | modify | replace-all-with] {
[ [virtual server name] ] ...
}
}
}
DISPLAY
list eviction-policy
list eviction-policy [ [ [name] | [glob] | [regex] ] ...]
options:
all-properties
partition
show eviction-policy
show eviction-policy [ [ [name] | [glob] | [regex] ] ...]
options:
all-properties
default
DELETE
delete eviction-policy [name]
DESCRIPTION
You use the eviction policy to specify which flows to terminate when
the connection limits for the box are approached. The eviction policy
contains strategies which select the flows to terminate. Additionally,
the eviction policy defines parameters used to determine when flows are
considered to be slow. Slow flows are terminated according to the
policy, even when the Big-IP is not under duress and the connection
limits are not approached.
When applied to the global context, the eviction policy low-water and
high-water limits are with respect to memory available on the Big-IP.
When applied to a virtual server or a route domain, the limits are with
respect to the connection limit on the virtual server or route domain,
respectively.
It is possible to monitor slow flows, accumulating metrics on the
number of flows under the designated slow flow transfer limit. To do
so, enable slow-flows, but disable throttling on the slow flow.
Note: Monitoring or killing slow flows will incur a performance
penalty.
Note: The strategies applied here work on a cyclic sweep of all
connections on the Big-IP. These do not run at the granularity to
guarantee eviction of a particular flow or type of flow, but are
statistical and opportunistic.
The bias-bytes algorithm attempts to select the flows that have sent
and received the fewest bytes on the connection.
The bias-idle algorithm attempts to select the flows that have been
idle the longest.
The bias-oldest algorithm attempts to select the oldest flows.
The low-priority-geographies algorithm selects flows that are in low-
priority geographies according to the GeoIP database loaded onto the
box.
The low-priority-port algorithm selects flows that are in the provided
list of low-priority ports and protocols.
The low-priority-route-domain algorithm selects flows that are in the
provided list of low-priority route domains.
The low-priority-virtual-server algorithm selects flows that are in the
provided list of low-priority virtual servers.
EXAMPLES
create eviction-policy my_eviction_policy { low-water 70 high-water 80
slow-flow { enabled true threshold-bps 50 throttling disabled }
strategies { bias-idle { enabled true } } }
Creates an eviction policy named my_eviction_policy, which accumulates
statistics on the current number of slow flows but does not terminate
any flows that are considered slow. The bias-idle algorithm is used to
kill flows when the limits on the context are approached. The
aggressive sweeper will activate at 80 percent of capacity, and
deactivate when load is reduced to 70 percent of capacity.
modify eviction-policy my_eviction_policy { strategies { low-priority-
geographies { enabled true countries replace-all-with { AZ BZ } } } }
Modifies the eviction policy named my_eviction_policy, enabling the
low-priority geography strategy and dropping flows from Azerbaijan (AZ)
and Belize (BZ).
delete eviction-policy my_eviction_policy
Deletes the eviction policy named my_eviction_policy.
OPTIONS
description
Provides a user-defined description for the policy.
app-service
Specifies the name of the application service to which the object
belongs. The default value is none. Note: If the strict-updates
option is enabled on the application service that owns the object,
you cannot modify or delete the object. Only the application
service can modify or delete the object.
low-water
Specifies the aggressive sweeper activation threshold as a
percentage of total capacity. The allowable range is 50 - 100, and
the low-water value must be lower than or equal to the high-water
value. To disable killing flows when limits are met or exceeded,
set the low-water and high-water to 100 percent. Default value is
85 percent.
high-water
Specifies the target maximum load on the context. The adaptive
reaper will be more aggressive as this limit is approached. The
allowable range is 50 - 100, and the high-water value must be
higher than or equal to the low-water value. To disable killing
flows when limits are met or exceeded, set the low-water and high-
water to 100 percent. Defaults to 95 percent.
slow-flow
Specifies whether to monitor and possibly remove flows considered
to be slow.
enabled
If true, the slow-flow monitoring and possible removal are
activated. If false, the remaining slow-flow attributes are
unused. The default value is false.
eviction-type
Indicates whether the threshold is based on an absolute count
of slow flows, or a percentage of the total flows on the
context where the eviction policy is applied. There is no
default value.
grace-period
Specifies the minimum age of a slow flow before the flow is
killed.
maximum
Provides the count or percentage at which slow flows will be
killed. If eviction-type is count, this value is the absolute
number of slow flows allowed; if eviction-type is percent,
this is the percentage of flows on the context that are
allowed to fall under the threshold-bps before being killed.
threshold-bps
Provides the threshold under which flows are considered to be
slow, in bytes per second.
throttling
Indicates whether to kill flows that are considered slow. If
set to enabled, flows that fall under the threshold-bps are
subject to being killed according to the defined maximum
number of flows.
strategies
Defines the strategies to be used to select flows for eviction in
the eviction policy.
bias-bytes
Defines how to use the bias-bytes eviction strategy.
delay
The delay allowed for new flows to transfer content, to
prevent killing infant flows.
enabled
Specifies whether to use the bias-bytes algorithm. If
false, the bias-bytes algorithm is not used. The default
value is false.
bias-idle
Defines how to use the bias-idle eviction strategy.
enabled
Specifies whether to use the bias-idle algorithm. If
false, the bias-idle algorithm is not used. The default
value is false.
bias-oldest
Defines how to use the bias-oldest eviction strategy.
enabled
Specifies whether to use the bias-oldest algorithm. If
false, the bias-oldest algorithm is not used. The
default value is false.
low-priority-geographies
Defines how to use the low-priority geographies eviction
strategy.
countries
Provides a list of country codes considered low-priority
candidates to evict, based on GeoIP information.
enabled
Specifies whether to use the low-priority-geographies
algorithm. If false, the low-priority-geographies
algorithm is not used. The default value is false.
low-priority-port
Defines how to use the low-priority-port eviction strategy.
enabled
Specifies whether to use the low-priority-port
algorithm. If false, the low-priority-port algorithm is
not used. The default value is false.
ports
Provides a list of ports considered low-priority
candidates to evict.
app-service
Specifies the name of the application service to
which the object belongs. The default value is
none. Note: If the strict-updates option is enabled
on the application service that owns the object,
you cannot modify or delete the object. Only the
application service can modify or delete the
object.
port-number
Specifies the port number considered low-priority.
The number provided can be either a number (e.g.,
80) or a name (e.g., http).
protocol
Specifies the protocol considered low-priority. The
default value is any.
low-priority-route-domain
Defines how to use the low-priority-route-domain eviction
strategy.
enabled
Specifies whether to use the low-priority-route-domain
algorithm. If false, the low-priority-route-domain
algorithm is not used. The default value is false.
names
Specifies a list of route domain names considered to be
low-priority candidates to evict.
low-priority-virtual-server
Defines how to use the low-priority-virtual-server eviction
strategy.
enabled
Specifies whether to use the low-priority-virtual-server
algorithm. If false, the low-priority-virtual-server
algorithm is not used. The default value is false.
names
Specifies a list of virtual server names considered to
be low-priority candidates to evict.
SEE ALSO
create, delete, edit, list, modify, show, tmsh, regex, sys geoip
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or
by any means, electronic or mechanical, including photocopying,
recording, or information storage and retrieval systems, for any
purpose other than the purchaser's personal use, without the express
written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2010, 2012-2015. All rights
reserved.
BIG-IP 2015-07-14 ltm eviction-policy(1)