NimbostratusHello everyone:
I need see the total connections for a specific network in a vserver. I´m reading about cretion irule but i need some help! con you help me? I have one f5 ltm 6900 v10.2.4
THAK´S
Nimbostratus
I need see the total connections for a specific network in a vserver. I´m reading about creation irule but i need some help! can you help me? I have one f5 ltm 6900 v10.2.4
THAnK´S (sorry for my vocabulary)
Employee
[root@ve10:Active] config b virtual bar list
virtual bar {
snat automap
pool foo
destination 172.28.19.79:80
ip protocol 6
rules myrule
profiles {
mystats {}
tcp {}
}
}
[root@ve10:Active] config b profile mystats list
profile stats mystats {
defaults from stats
field1 net172
field2 net192
field3 others
}
[root@ve10:Active] config b rule myrule list
rule myrule {
when CLIENT_ACCEPTED {
if { [IP::addr [IP::client_addr] equals 172.28.19.0/16] } {
STATS::incr mystats net172 1
} elseif { [IP::addr [IP::client_addr] equals 192.168.206.0/24] } {
STATS::incr mystats net192 1
} else {
STATS::incr mystats others 1
}
}
}
[root@ve10:Active] config b profile mystats
PROFILE STATS mystats parent stats
| net172: 100
| net192: 1
| others: 0
NimbostratusHi there
This is Danims team mate. We tried the configuration above without success. We tried this "switch" statement variant with the same poor results too:
when CLIENT_ACCEPTED {
switch [ IP::addr [IP::client_addr]] {
10.120.0.0/16 { STATS::incr mystats Stats_GER 1 }
10.110.0.0/16 { STATS::incr mystats Stats_CZ 1 }
default { STATS::incr mystats Stats_Other 1 }
}
}
The point is only "Stats_Other" is being increased. The other containers are not, and we suspect it is beause of bad iRule definition.
NimbostratusConfirmed. the iRule has a problem. If I set the first if condition to "true", first field stars to increase.
¿Any suggestions with the iRule networks evaluation?
Cirrostratus
when CLIENT_ACCEPTED {
switch [IP::addr [IP::client_addr]] {
"10.120.0.0/16" { STATS::incr mystats Stats_GER 1 }
"10.110.0.0/16" { STATS::incr mystats Stats_CZ 1 }
default { STATS::incr mystats Stats_Other 1 }
}
}
[/code
I don't know what it can be. "switch" statement, "if + elseif", quotation, network definition (many ways)... I'mt stuck with this. ¿Should I open a case to F5 support to get helped with this?
PS: Thanks What Lies Beneath and nitas for your interest and help. As soon as we get with the solution, will post here. Regards.
Cirrostratus
Then you've tried something like this and it isn't working - note I've added some logging which might help and gone back to if statements?
when CLIENT_ACCEPTED {
if { [IP::addr [IP::client_addr] equals 10.120.0.0/16] } {
log local0. "Matched 10.120/16, incrementing Stats_GER"
STATS::incr mystats Stats_GER 1
}
elseif { [IP::addr [IP::client_addr] equals 10.110.0.0/16] } {
log local0. "Matched 10.110/16, incrementing Stats_CZ"
STATS::incr mystats Stats_CZ 1
}
else {
log local0. "Matched nothing, incrementing Stats_Other"
STATS::incr mystats Stats_Other 1
}
}
Finally we found solution to this very riddle.
The point was we have many partitions at our F5 (with its own route-domain). So, the correct declaration a network (IP address indeed) being checked by an iRule is as follows:
if { [IP::addr [getfield [IP::client_addr] "%" 1] equals 10.120.0.0/255.255.0.0] } { ....
where the "%" 1 forces LTM to check every route-domain till exact pattern shows up, if we understood correctly.
Special thanks to this link:
https://devcentral.f5.com/community/group/aft/2163370/asg/50
Regards.