Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

Request to know best way to send message over HTTPS from CLIENTSSL_HANDSHAKE

Dear F5 community Context In the case when SSL termination is happening at the F5, i need to send a message over HTTPS to another machine in the CLIENTSSL_HANDSHAKE event.

Implementation I am using Mark's super sideband requestor(https://devcentral.f5.com/wiki/iRules.HTTP-Super-SIDEBAND-Requestor-Client-Handles-Redirects-Cookies-Chunked-Transfer-APM-Access-etc.ashx?Code=1) to do the same

Issue The solution is not working at scale. As i see connections getting aborted in the logs( Pending rule /Common/SendMsg aborted for 16.183.81.254:44023 -> 16.183.81.253:4265). I tried 1) Saving the state across multiple invocations and reusing the state 2) Batching up messages and using table command to save the outstanding data, still didn't help.

What could be the best way to accomplish this?

Thanks

0
Rate this Question
Comments on this Question
Comment made 2 weeks ago by Andy McGrath 2250

What version of F5 TMOS are you running for your solution?

0
Comment made 2 weeks ago by hemantMF 1

The F5 is running on 12.0. By the way, I had an issue where the F5 was using the 127.1.1.x IP as source for sending data out on Physical F5 and in the case resolution, I used the workaround provided to use SNAT and add some code in he iRUle for CLIENT_ACCEPTED event to facilitate the same. Just in case it is relevant

Thanks a ton

0

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Look at this article!

The irule have the same behavior as you request

0
Comments on this Answer
Comment made 2 weeks ago by hemantMF 1

Stanislas, thanks for responding. I am not sure what you mean. At my end, functionally things are working fine, at a slightly higher volume, I start getting connection drops. Am trying to figure out if my approach is the best way to accomplish the objective of sending data over HTTPS

0
Comment made 2 weeks ago by hemantMF 1

Apologies Stanslas. When i looked at your reply on my mobile, I missed the link you had shared. It is exactly what my context is; let me read that and get back on the same.

Thanks a ton, Hemant

0