Oneconnect with telnet sessions

Question

Hi all,&nbsp;
&nbsp;I am trying to get one connect working with a non http vip. doing a quick search the question was asked back in 2006 but none of the links to the more detailed posts are valid about using irules to force oneconnect reuse&nbsp;
&nbsp;i am trying to LB  telnet sessions so that any client connection from a single source address will be forced to re-use the same server-side connection on the basis that the session has dropped client side due coverage. &nbsp;
&nbsp;i have setup a test vip with the default tcp timers and configured the default one connect profile.&nbsp;
&nbsp;so initial testing via my laptop with creating a telnet session then closing the session statefully then opening a new session i always see the f5 open a new connection to the server.&nbsp;
&nbsp;we are running 10.2.0 will the latest hotfixes.&nbsp;
&nbsp;anyone tried something similar? 
&nbsp; &nbsp;

nitass · Answer

it is same as mine. i am running 10.2.3. 
&nbsp;  
&nbsp; sol7208 says irule may be required but there is still lack of document i.e. not well explanation, no example. 
&nbsp;  
&nbsp; Important: When using OneConnect to optimize HTTP traffic, you should apply an HTTP profile to the virtual server. This allows the BIG-IP system to efficiently manage connection re-use without additional configuration. The OneConnect profile may be used with any TCP protocol, but will only function when applied to virtual servers processing simple request/response protocols where transaction boundaries are explicitly obvious, such as those in which each request and each response is contained within a single packet. Applying a OneConnect profile to a non-HTTP virtual server processing more complex transactions, such as FTP or RTSP, may result in traffic disruption and session failure. Even for simple non-HTTP protocols, an iRule may be required to manage connection re-use.  
&nbsp;  
&nbsp;  
&nbsp; sol7208: Overview of the OneConnect profile  
&nbsp; http://support.f5.com/kb/en-us/solutions/public/7000/200/sol7208.html 
&nbsp;  
&nbsp; the request Colin has submitted has been idle. :-( 
&nbsp;  
&nbsp; ID240825 - iRules Documentation (ONECONNECT) (Formerly CR 74322)

hamish · Answer

One more thought... Have you considered how you're going to authenticate the second (And subsequent) connections? Otherwise it's a bit of a security hole (The user closes down, thinks they've dropped the connection, along comes someone else, and bang... They have the previous users login :) 
&nbsp;  
&nbsp; It's a nightmare on terminal servers that don't authenticate with console sessions to servers that don't do sensible things on connection dropping...  
&nbsp;  
&nbsp; H

Forum Discussion

Oneconnect with telnet sessions

2 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

Enable telnet on SSH

How OneConnect Profile works with Cookie Persistence

Lightboard Lessons: OneConnect

What is HTTP Part VII - OneConnect

Ending an APM session when browser tab is closed