ltm eviction-policy
ltm eviction-policy(1) BIG-IP TMSH Manual ltm eviction-policy(1)
NAME
eviction-policy - Configures eviction policies to determine when and how to terminate connections.
MODULE
ltm
SYNTAX
Configure the eviction-policy component within the ltm module using the syntax shown in the following
sections.
CREATE/MODIFY
create eviction-policy [name]
modify eviction-policy [name]
options:
description [string]
app-service [[string] | none]
low-water [integer]
high-water [integer]
slow-flow {
enabled [true | false]
eviction-type [count | percent]
grace-period [integer]
maximum [integer]
threshold-bps [integer]
throttling [enabled | disabled]
}
strategies {
bias-bytes {
delay [integer]
enabled [true | false]
}
bias-idle {
enabled [true | false]
}
bias-oldest {
enabled [true | false]
}
low-priority-geographies {
countries [add | delete | modify | replace-all-with] {
[country-code] ...
}
enabled [true | false]
}
low-priority-port {
enabled [true | false]
ports [add | delete | modify | replace-all-with] {
[ [name] ] {
app-service [[string] | none]
port-number [name | integer]
protocol [any | sctp | tcp | udp]
} ...
}
}
low-priority-route-domain {
enabled [true | false]
names [add | delete | modify | replace-all-with] {
[ [route domain name] ] ...
}
}
low-priority-virtual-server {
enabled [true | false]
names [add | delete | modify | replace-all-with] {
[ [virtual server name] ] ...
}
}
}
DISPLAY
list eviction-policy
list eviction-policy [ [ [name] | [glob] | [regex] ] ...]
options:
all-properties
partition
show eviction-policy
show eviction-policy [ [ [name] | [glob] | [regex] ] ...]
options:
all-properties
default
DELETE
delete eviction-policy [name]
DESCRIPTION
You use the eviction policy to specify which flows to terminate when the connection limits for the box are
approached. The eviction policy contains strategies which select the flows to terminate. Additionally, the
eviction policy defines parameters used to determine when flows are considered to be slow. Slow flows are
terminated according to the policy, even when the Big-IP is not under duress and the connection limits are not
approached.
When applied to the global context, the eviction policy low-water and high-water limits are with respect to
memory available on the Big-IP. When applied to a virtual server or a route domain, the limits are with
respect to the connection limit on the virtual server or route domain, respectively.
It is possible to monitor slow flows, accumulating metrics on the number of flows under the designated slow
flow transfer limit. To do so, enable slow-flows, but disable throttling on the slow flow.
Note: Monitoring or killing slow flows will incur a performance penalty.
Note: The strategies applied here work on a cyclic sweep of all connections on the Big-IP. These do not run at
the granularity to guarantee eviction of a particular flow or type of flow, but are statistical and
opportunistic.
The bias-bytes algorithm attempts to select the flows that have sent and received the fewest bytes on the
connection.
The bias-idle algorithm attempts to select the flows that have been idle the longest.
The bias-oldest algorithm attempts to select the oldest flows.
The low-priority-geographies algorithm selects flows that are in low-priority geographies according to the
GeoIP database loaded onto the box.
The low-priority-port algorithm selects flows that are in the provided list of low-priority ports and
protocols.
The low-priority-route-domain algorithm selects flows that are in the provided list of low-priority route
domains.
The low-priority-virtual-server algorithm selects flows that are in the provided list of low-priority virtual
servers.
EXAMPLES
create eviction-policy my_eviction_policy { low-water 70 high-water 80 slow-flow { enabled true threshold-bps
50 throttling disabled } strategies { bias-idle { enabled true } } }
Creates an eviction policy named my_eviction_policy, which accumulates statistics on the current number of
slow flows but does not terminate any flows that are considered slow. The bias-idle algorithm is used to kill
flows when the limits on the context are approached. The aggressive sweeper will activate at 80 percent of
capacity, and deactivate when load is reduced to 70 percent of capacity.
modify eviction-policy my_eviction_policy { strategies { low-priority-geographies { enabled true countries
replace-all-with { AZ BZ } } } }
Modifies the eviction policy named my_eviction_policy, enabling the low-priority geography strategy and
dropping flows from Azerbaijan (AZ) and Belize (BZ).
delete eviction-policy my_eviction_policy
Deletes the eviction policy named my_eviction_policy.
OPTIONS
description
Provides a user-defined description for the policy.
app-service
Specifies the name of the application service to which the object belongs. The default value is none.
Note: If the strict-updates option is enabled on the application service that owns the object, you cannot
modify or delete the object. Only the application service can modify or delete the object.
low-water
Specifies the aggressive sweeper activation threshold as a percentage of total capacity. The allowable
range is 50 - 100, and the low-water value must be lower than or equal to the high-water value. To
disable killing flows when limits are met or exceeded, set the low-water and high-water to 100 percent.
Default value is 85 percent.
high-water
Specifies the target maximum load on the context. The adaptive reaper will be more aggressive as this
limit is approached. The allowable range is 50 - 100, and the high-water value must be higher than or
equal to the low-water value. To disable killing flows when limits are met or exceeded, set the low-water
and high-water to 100 percent. Defaults to 95 percent.
slow-flow
Specifies whether to monitor and possibly remove flows considered to be slow.
enabled
If true, the slow-flow monitoring and possible removal are activated. If false, the remaining slow-
flow attributes are unused. The default value is false.
eviction-type
Indicates whether the threshold is based on an absolute count of slow flows, or a percentage of the
total flows on the context where the eviction policy is applied. There is no default value.
grace-period
Specifies the minimum age of a slow flow before the flow is killed.
maximum
Provides the count or percentage at which slow flows will be killed. If eviction-type is count, this
value is the absolute number of slow flows allowed; if eviction-type is percent, this is the
percentage of flows on the context that are allowed to fall under the threshold-bps before being
killed.
threshold-bps
Provides the threshold under which flows are considered to be slow, in bytes per second.
throttling
Indicates whether to kill flows that are considered slow. If set to enabled, flows that fall under
the threshold-bps are subject to being killed according to the defined maximum number of flows.
strategies
Defines the strategies to be used to select flows for eviction in the eviction policy.
bias-bytes
Defines how to use the bias-bytes eviction strategy.
delay
The delay allowed for new flows to transfer content, to prevent killing infant flows.
enabled
Specifies whether to use the bias-bytes algorithm. If false, the bias-bytes algorithm is not
used. The default value is false.
bias-idle
Defines how to use the bias-idle eviction strategy.
enabled
Specifies whether to use the bias-idle algorithm. If false, the bias-idle algorithm is not
used. The default value is false.
bias-oldest
Defines how to use the bias-oldest eviction strategy.
enabled
Specifies whether to use the bias-oldest algorithm. If false, the bias-oldest algorithm is not
used. The default value is false.
low-priority-geographies
Defines how to use the low-priority geographies eviction strategy.
countries
Provides a list of country codes considered low-priority candidates to evict, based on GeoIP
information.
enabled
Specifies whether to use the low-priority-geographies algorithm. If false, the low-priority-
geographies algorithm is not used. The default value is false.
low-priority-port
Defines how to use the low-priority-port eviction strategy.
enabled
Specifies whether to use the low-priority-port algorithm. If false, the low-priority-port
algorithm is not used. The default value is false.
ports
Provides a list of ports considered low-priority candidates to evict.
app-service
Specifies the name of the application service to which the object belongs. The default
value is none. Note: If the strict-updates option is enabled on the application service
that owns the object, you cannot modify or delete the object. Only the application service
can modify or delete the object.
port-number
Specifies the port number considered low-priority. The number provided can be either a
number (e.g., 80) or a name (e.g., http).
protocol
Specifies the protocol considered low-priority. The default value is any.
low-priority-route-domain
Defines how to use the low-priority-route-domain eviction strategy.
enabled
Specifies whether to use the low-priority-route-domain algorithm. If false, the low-priority-
route-domain algorithm is not used. The default value is false.
names
Specifies a list of route domain names considered to be low-priority candidates to evict.
low-priority-virtual-server
Defines how to use the low-priority-virtual-server eviction strategy.
enabled
Specifies whether to use the low-priority-virtual-server algorithm. If false, the low-priority-
virtual-server algorithm is not used. The default value is false.
names
Specifies a list of virtual server names considered to be low-priority candidates to evict.
SEE ALSO
create, delete, edit, list, modify, show, tmsh, regex, sys geoip
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or by any means, electronic or
mechanical, including photocopying, recording, or information storage and retrieval systems, for any purpose
other than the purchaser's personal use, without the express written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2010, 2012-2015. All rights reserved.
BIG-IP 2015-07-14 ltm eviction-policy(1)