I made some good progess with the SSL irule and now the entity is correctly parsed out, but i think im missing something still as the connection never truly completes.
Here is the current irule:
when CLIENTSSL_HANDSHAKE {
log local0. "[IP::client_addr]:[TCP::client_port]: SSL handshake completed, collecting SSL payload"
SSL::collect
}
when CLIENTSSL_DATA {
set payload [SSL::payload]
set entityID [findstr $payload "@" 1 ","]
log local0. "$entityID: $entityID"
pool xxx_yyyy_Pool
log local0. "blha Entity Session routing $entityID and setting persistence"
persist uie $entityID 64000
SSL::release
}
Here are the log output when logging in: (at times I commented out the persist line since it throws tcl errors below)
Jul 8 17:57:56 va-bigip01 info tmm2[13133]: Rule /Common/x_Entity_Irule : 10.65.59.202:56070: SSL handshake completed, collecting SSL payload
Jul 8 17:57:56 va-bigip01 info tmm2[13133]: Rule /Common/x_Entity_Irule : QA-xxx-CUST1: QA-xxx-CUST1
Jul 8 17:57:56 va-bigip01 info tmm2[13133]: Rule /Common/x_Entity_Irule : x Entity Session routing QA-xxx-CUST1 and setting persistence
Jul 8 17:58:01 va-bigip01 info tmm7[13134]: Rule /Common/x_Entity_Irule : 10.65.59.202:56074: SSL handshake completed, collecting SSL payload
Jul 8 17:58:01 va-bigip01 info tmm7[13134]: Rule /Common/x_Entity_Irule : :
Jul 8 17:58:01 va-bigip01 info tmm7[13134]: Rule /Common/xEntity_Irule : x Entity Session routing and setting persistence
Jul 8 18:04:22 va-bigip01 info tmm5[13134]: Rule /Common/x_Entity_Irule : 10.65.59.202:53658: SSL handshake completed, collecting SSL payload
Jul 8 18:04:22 va-bigip01 info tmm5[13134]: Rule /Common/x_Entity_Irule : QA-xxx-PROV1: QA-xxx-PROV1
Jul 8 18:04:22 va-bigip01 info tmm5[13134]: Rule /Common/x_Entity_Irule : x Entity Session routing QA-xxx-PROV1 and setting persistence
Jul 8 18:04:26 va-bigip01 info tmm4[13134]: Rule /Common/x_Entity_Irule : 10.65.59.202:53668: SSL handshake completed, collecting SSL payload
Jul 8 18:04:26 va-bigip01 info tmm4[13134]: Rule /Common/x_Entity_Irule : :
Jul 8 18:04:26 va-bigip01 info tmm4[13134]: Rule /Common/x_Entity_Irule : x Entity Session routing and setting persistence
Jul 8 18:04:26 va-bigip01 err tmm4[13134]: 01220001:3: TCL error: /Common/x_Entity_Irule - attempt to use empty persistence key (line 1) invoked from within "persist uie $entityID 64000"
I also noticed the unviersal persistence when set doesn't seem to send the next entity to the next pool member even though the connection is not completing. in the output below I expect that all future uses matching CUST2 stay on 10.36.35:9820 but entity PROV1 be put on the other pool member 10.36.6.35:9820 not shown here
@(bigip01)(cfg-sync Changes Pending)(Active)(/Common)(tmos) show ltm persistence persist-records | grep universal
universal QA-xxx-PROV1 10.195.127.9:443 10.36.6.35:9820 (tmm: 5)
universal QA-xxx-CUST2 10.195.127.9:443 10.36.6.35:9820 (tmm: 2)