Top 10 list To Optimize Your Application Delivery Controller (ADC)

Application Delivery Controllers (ADCs) are ALWAYS blamed when an application or service stops working ("It works directly to the server" - developer). ADCs are deployed on your network to improve the scalability, availability and security of your applications and services.

Best Practices for Understanding/Deploying ADCs

1. Understand your application baseline performance

  • To understand your ADC capacity and infrastructure growth, your team will need to start monitoring how the application performs. Capture data from the virtual servers (VIPs) and the back end (pool members). Look at throughput, connections per second (CPS), transactions per second (TPS), and SSL throughput/connections.

2. Analyze your application traffic in Real Time

  • Enabling real-time analytics on the ADC will provide a proactive early warning system, helping your team address issues before they become a disaster.

3. Avoid IP Fragmentation/Timeouts

  • Understand how the applications work, and communicate with developers when they deploy new services behind your ADC. For example, the SQL default timeout value is 10 min and a typical ADC TCP timeout value is 5 min. With these default settings, the ADC's timeout expires first, so the ADC will send a RST and kill the communication, causing application issues.

4. Optimize SSL ciphers when SSL offloading

  • Don't just apply the default settings. Go into the advanced settings of the SSL profiles/templates and disable ciphers that are vulnerable (SSL, TLSv1, etc.).

5. Ensure SNAT pools are sufficiently large

  • TCP and UDP have a limit of 64K simultaneous connections for each IP address to a single Virtual Server (VIP). If you are exceeding the connection rate, new users/connections will fail intermittently. Also, remember that most TCP stacks will wait 3 seconds before attempting to reconnect, creating a nightmare to troubleshoot because some clients might take 3, 6, 18 seconds or more to connect. Sizing your SNAT pool comes down to the first tip: understanding your baseline and capacity numbers.
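
As an added example (not from the original article), the sketch below sizes a SNAT pool from baseline connection samples, combining tips 1 and 5. The function name, the sample data and the 80% headroom target are assumptions made for illustration, and the article's "64K" is taken as 64,000 usable ports per SNAT address.

```python
import math
from collections import defaultdict

# Assumption: the article's "64K" limit taken as 64,000 usable source ports per
# SNAT address; adjust to the port range your ADC actually uses.
PORTS_PER_SNAT_IP = 64_000

# Constructed baseline samples: (virtual server, concurrent connections), e.g.
# polled once a minute from the ADC's statistics.
SAMPLES = [
    ("vip-web", 21_000), ("vip-web", 58_500), ("vip-web", 47_200),
    ("vip-api", 96_000), ("vip-api", 131_000), ("vip-api", 88_000),
    ("vip-sql", 900), ("vip-sql", 1_400),
]


def size_snat_pool(samples, snat_ips, target_util=0.8):
    """Return {virtual server: report} from baseline connection samples.

    snat_ips    -- addresses currently in the SNAT pool
    target_util -- share of the port space to plan for at peak (hypothetical
                   headroom policy, not a figure from the article)
    """
    if snat_ips < 1 or not 0 < target_util <= 1:
        raise ValueError("need >= 1 SNAT address and 0 < target_util <= 1")
    peaks = defaultdict(int)
    for dest, conns in samples:
        peaks[dest] = max(peaks[dest], conns)  # size for the peak, not the mean

    capacity = snat_ips * PORTS_PER_SNAT_IP
    report = {}
    for dest, peak in peaks.items():
        needed = math.ceil(peak / (PORTS_PER_SNAT_IP * target_util))
        report[dest] = {
            "peak": peak,
            "utilisation": round(peak / capacity, 3),
            "exhausted": peak >= capacity,  # new connections fail from here on
            "required_ips": max(1, needed),
        }
    return report


if __name__ == "__main__":
    for dest, row in size_snat_pool(SAMPLES, snat_ips=2).items():
        print(dest, row)
```

With two SNAT addresses, the constructed vip-api baseline already exceeds the available port space, which is the intermittent-failure condition described above.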

6. Use proper load balancing methods and ratios (STOP using round robin)

  • Stop using round robin. There are usually 15 or more smarter methods to use. The ADC can see how many connections there are and how fast connections are opened and closed, so use this to your advantage and consider using the Fastest or Least Connections methods.

7. Select the correct load balancing mode (Layer 4, HTTP, Full Proxy, etc.)

  • Select the mode based on the application you are load balancing. If you are doing web applications or SSL offloading, use HTTP (or standard); this will allow the ADC to help optimize the application more. If you are looking to do simple Layer 4 load balancing, select the protocol TCP/UDP. The most important question to ask yourself is "what are we trying to achieve?"

8. Optimize TCP settings

  • With incorrect parameters, the ADC will degrade the performance of the application. The right settings can vary depending on how clients are connecting to the virtual server (mobile, app, browser). Look at Nagle's algorithm, buffer thresholds, ACK-on-push, window sizes, etc.

9. Consider enabling compression and caching (HTTP)

  • Most ADCs on the market provide the ability to enable features like Fast Cache, web accelerators and HTTP compression to help reduce bandwidth and improve application experience. However, always discuss these features with your developers, because indiscriminate caching/compression can cause issues with the app. For example, JavaScript is known to cause problems with certain browsers.

10. Logging

  • Log everything. The more data you have the better you are equipped to troubleshoot, deploy and maintain any ADC.
