Forum Discussion

Bhanu_9561's avatar
Bhanu_9561
Icon for Cirrus rankCirrus
Oct 12, 2012

Interesting scenario with client intelligence

I have a VIP listening for tcp traffic on port 8800 load balancing to a pool (2 servers). The client is using a polling mechanism to poll the users whenever both the servers are down.

 

The requirement is that when both the servers are down the polling agent whould detect this and poll the users. When both the servers are down the BIGIP is sending a RST packet after the TCP handshake. I believe the client is looking at the TCP handshake and even though sees a RST packet after that, assumes that servers are up and running and tries a TCP handshake again.

 

The interesting thing is that when other cleints using the same 8800 port to access HTTP traffic can sense when the servers are down. Even though the same set of packets are sent by teh BIGIP. SYN, SYN-ACK, ACK and then a RST by BIGIP.

 

Is there a way we can write an iRule to see if the pool is marked down and then deny a TCP ACK packet?

 

Not sure if iRules have the capability to check server stats.

 

Thanks.

 

application delivery
dev
devops
iRules

2 Replies

Sort By
  • Michael_Yates's avatar
    Michael_Yates
    Icon for Nimbostratus rankNimbostratus
    Oct 12, 2012
    Hi calidogg,

     

     

    You could use the active_members check in an iRule to verify if there are any members available and there are no available members then take whatever action you want afterwards.
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Oct 12, 2012
    Hi,

     

     

    When you add a TCP profile to a virtual server, it's not currently possible to refuse the three way handshake. What type of client is this? Is it possible to modify its behavior to verify the availability based on a layer 7 check instead of a TCP handshake?

     

     

    Else, you might be able to disable ARP on the virtual address via a script if all pool members are down (assuming this is the only virtual server on the IP address).

     

     

    Aaron