Hi Stephan,
Yes have confirmed all of that. I am using just one pool member right now. Radius client is my own code (http://sourceforge.net/projects/radiustest/) - i am sending just a single Access-Request with 11:11:11:11:11:11 as calling-station-id and 1.2.3.4 as framed-ip-address and getting the result:
: session table entry added:
: session table lookup result for calling station ID of 11:11:11:11:11:11: 172.16.34.100
: lookup match: 172.16.34.100
: session table entry added:
That is with the following irule:
when LB_SELECTED {
log local0. "session table entry added: "
session add uie "persist:[RADIUS::avp 31]" [LB::server addr]
}
when CLIENT_DATA {
log local0. "session table lookup result for calling station ID of [RADIUS::avp 31]: [session lookup uie "persist:[RADIUS::avp 31]"]"
if {[session lookup uie "persist:[RADIUS::avp 31]"] ne ""} {
log local0. "lookup match: [session lookup uie "persist:[RADIUS::avp 31]"]"
node [session lookup uie "persist:[RADIUS::avp 31]"]
log local0. "session table entry added: "
session add uie "persist:[RADIUS::avp 8]" [IP::remote_addr]
}
}
Logs looks nice but how can i check the results ? Persistence and sys connection tables are empty. And i do suspect it's not working correctly because if i add a second member to the pool (172.16.34.101), and send two identical radius packets the second one is going to the second pool member:
: session table entry added:
: session table lookup result for calling station ID of 11:11:11:11:11:11: 172.16.34.101
So it looks like there is no session and we always start a new session and adding new session table entry (using session add from LB_SELECTED) instead of reusing the same node for which we do have that session already.
Also why we do use "node" in CLIENT_DATA if that is displayed by the logs after LB_SELECTED ? Should not we stick/persistent the session before we do create persistence entry/session entry (to be sure we do hit the one which was created previously) ?
Thanks, Michal