[f-nsp] Replacement for ADX?

Tue Jun 7 14:44:52 EDT 2016

Thanks. That's great feedback on the licensing method for VTM. I don't work in the PM or Dev team for vTM, but I'll definitely share your feedback next time I talk with them.

I've been working with some customers, like the Army and USMC, where the traffic based licensing doesn't meet their requirements (like working without an uplink to the Internet). Can't commit to any changes in the work, but the PMs were receptive to figuring out an alternative solution.

Please keep bending the ear of your own account team to make sure they pass on your feedback to the PMs. The more voices asking for a change the better.

Wilbur

On May 24, 2016 7:25 PM, Jimmy Stewpot <mailers at oranged.to> wrote:

We have not used ADX load balancers in my current organisation, I have used them in previous organisations to achieve massive scale. That said the complexity to manage them at scale in a globally distributed topology was a challenge that required us to develop custom tooling. In my current organisation we have been using the SteelApp load balancers (now brocade) for some time and have been very happy with the product, improvements and roadmap.

We have replaced a number (8+) of high throughput (4-6Gbps each) HAProxy and Ngnix boxes with VTM's. We have seen an improvement in customer performance (measured via APDEX) and a reduction in CPU load for the same traffic throughput. The API is pretty good and the traffic script is good, If that doesn't work you can do more advanced features using their JVM. That said the VTM's are not without their drawbacks.

No SSL failover is a PITA as we have a very high SSL/TLS session establishment rate with short lived session times, if we have a fail over event (maintenance, failure etc) all of the SSL/TLS session ids need to be renewed on the alternative box which despite improvements in TLS still takes all the CPU.

Traffic Script is really nice, however there are some capabilities that are difficult to do which are simple in the LUA modules "supported" by HAPROXY and Nginx.

Licensing model is seriously bad (m-kay) and needs a major review. Brocade needs to have options that allow customers to move away from throughput based licensing to something more compatible with hybrid environments. We have 4+ global sites that we globally load balance, if one site fails we need to make sure we can handle the load in the other sites which brings in a number of licensing challenges not to mention finance, capacity management, reporting etc particularly as global load balancing is a challenge to evenly distribute the load, particularly during a failure event. IMHO this is the biggest f-up in regards to their product it seems that it's licensed based on an enterprise model static traffic rather than a bursty "web 2.0"/"SaaS" platform. If you are in this basket then I would recommend nginx or haproxy, both have their strengths and weaknesses so test each to find which one suits your patterns best.

----- Original Message -----
From: "Wilbur Smith" <wsmith at brocade.com>
To: "David Hubbard" <dhubbard at dino.hostasaurus.com>, "foundry-nsp" <foundry-nsp at puck.nether.net>
Sent: Thursday, 31 March, 2016 5:27:07 AM
Subject: Re: [f-nsp] Replacement for ADX?

Yeah…

Sorry about the new website design; plenty of the field engineers (myself included) hate it too. Marking thinks it look AMAZING though, so there not listing to us. Best advice I can recommend is to click the “Contact Us’ link at the bottom of our page, select General/Customer satisfaction, an tell them what you think.

Concerning out EOS announcement for the ADX, we’re definitely making a shift to NFV. This is really being pushed by the adoption of virtualization and cloud services like AWS, but I understand that plenty of customers still have physical servers.

Brocade acquired SteelApp and its entire development team from Riverbead over a year ago. Since them, we’ve rebranded this Virtual Traffic Manager (vTM) and increased developer resources of it. We also have the Virtual ADX (vADX) that’s based off of the original hardware ADX and has most of the same functions.

I’m sorry to see the hardware ADX go away too, but I think the market is changing so quickly that even F5 and A10 will start to make this transition.

Wilbur

From: foundry-nsp [mailto:foundry-nsp-bounces at puck.nether.net] On Behalf Of David Hubbard
Sent: Tuesday, March 08, 2016 8:56 AM
To: foundry-nsp at puck.nether.net
Subject: [f-nsp] Replacement for ADX?

As best I can tell (thanks to Brocade’s site being one of the worst designs I’ve encountered), they’ve moved on from hardware load balancers like the ADX and want you to deploy traditional servers running software solutions? I’m curious what others are doing going forward? Have you moved to their software solutions and do you like them, especially for a high availability setup? Any other hardware options you’ve moved on to?

Thanks,

David

_______________________________________________
foundry-nsp mailing list
foundry-nsp at puck.nether.net
https://urldefense.proofpoint.com/v2/url?u=http-3A__puck.nether.net_mailman_listinfo_foundry-2Dnsp&d=CwIGaQ&c=IL_XqQWOjubgfqINi2jTzg&r=l86Fj-WC0GHHSCjQjuUvTzxOj0iW25AHL3VIC5Dog8o&m=yLRc6m68lpVwDVEOXm6h-mDHkiyfDQGRN_wkGYVmNyQ&s=5UhwkgM_uXqXT4aMVYyVPSrGDzvchgyMjSsGG89Lst8&e=
_______________________________________________
foundry-nsp mailing list
foundry-nsp at puck.nether.net
https://urldefense.proofpoint.com/v2/url?u=http-3A__puck.nether.net_mailman_listinfo_foundry-2Dnsp&d=CwIGaQ&c=IL_XqQWOjubgfqINi2jTzg&r=l86Fj-WC0GHHSCjQjuUvTzxOj0iW25AHL3VIC5Dog8o&m=yLRc6m68lpVwDVEOXm6h-mDHkiyfDQGRN_wkGYVmNyQ&s=5UhwkgM_uXqXT4aMVYyVPSrGDzvchgyMjSsGG89Lst8&e=
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/foundry-nsp/attachments/20160607/d425ffe0/attachment.html>