Counting SMTP emails in Forwarding VS

Question

Hi Guys When I throw myself in, I was expecting it to be an easy thing to do but I have kinda hit to the wall now. I am looking for ideas if we can achieve it indeed using IRule. We are using 6400 active/passive pair with 9.4.4 running on them. &nbsp;&nbsp;REQUIREMENT 
&nbsp;We have two Internet gateways facing gateways. We want to split the traffic between these gateways based on number of emails. For example, first 1,000 emails should use gateway_1 and rest should use gateway_2. It is a requirement that BIGIP should not proxy or relay the traffic, so we cannot have SMTP VS. &nbsp;
&nbsp;FORWARDING SOLUTION 
&nbsp;What I have done so far is make a new Forwarding VIP (IP Forwarding) at the BIGIP and the IRule will be bound to this forwarding VS. We have a default gateway_2 defined as default gateway. IRule will count the emails and put an exception for gateway_1 for first 1,000 emails. Rest of all eamils will use default gateway of gateway_2 to reach the Internet mailing servers. &nbsp;
&nbsp;PROBLEM 
&nbsp;The problem is, because Forwarding VS is a layer-3 VS, IRule function of TCP and SMTP are unable to work as we cannot bind TCP Profile to a Forwarding (IP) VSs. And to have TCP profile setup, we need STANDARD type of VS which will make the BIGIP proxy and break the requirement, so we cannot have STANDARD. &nbsp;
&nbsp;SUGGESTIONS REQUIRED My question is, can we somehow bind TCP Profile to a Forwarding (IP) VS? Or, can we look inside the IP PAYLOAD for SMTP commands or TCP session without having TCP Profile bound with VS? Which functions can I use in my IRule? &nbsp;
&nbsp;Any help will be greatly appreciated. Fire you questions to me if I did not explain well. Thanks. &nbsp;

nitass · Answer

i am just curious why transparent round-robin is not applicable. is it considered to be proxying traffic?

fizzyboy_29767 · Answer

Thanks Nitass. 
&nbsp; Transparent RR will not be the best solution as it wil use packet-level logic to split the traffic. Our requirement is, first 1000 emails to go to one way and any further go to other. I need a mechnism to count the emails and decide the next hop. Thanks.

hooleylist · Answer

can we somehow bind TCP Profile to a Forwarding (IP) VS? 
&nbsp;  
&nbsp; You can't add a TCP profile to a forwarding virtual server. 
&nbsp;  
&nbsp; Or, can we look inside the IP PAYLOAD for SMTP commands or TCP session without having TCP Profile bound with VS? 
&nbsp;  
&nbsp; No, in order to inspect the TCP payload from an iRule you need to add a TCP profile added to the virtual server. 
&nbsp;  
&nbsp; Which functions can I use in my IRule?  
&nbsp;  
&nbsp; I think you'd need to use a standard TCP virtual server and then call TCP::collect/TCP::release to inspect the payloads to count the number of emails.  I'm not sure how scalable this will be for a high capacity virtual server.  But SMTP doesn't necessarily need to be real time, so a bit of latency might not be a problem. 
&nbsp;  
&nbsp; Aaron

fizzyboy_29767 · Answer

Thanks Aaron. Again, standard TCP VS will break the session and BIGIP will act like a SMTP proxy/relay in the conversion. That is against our requirement and not good for us. Hmmm....seems like we need to go back to the drawing board........Thanks to all......

hooleylist · Answer

Yes, in order to collect and inspect the TCP payload, LTM would need to be in full proxy mode. 
&nbsp;  
&nbsp; Aaron

Forum Discussion

Counting SMTP emails in Forwarding VS

5 Replies

Recent Discussions

import live updates from version x to version y

Tenant image upgrade

iRule editor partition button does not work

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

SkyNet Is Coming For Email First... Thankfully!

Certificate Expiry Email alert configuration

ASM ser input type email doesn't allow valid emails

ASM L7 DoS email alert

APM sesions count per partition