Thomas_Schaefer
Oct 28, 2008Nimbostratus
iRule editor transactions not atomic with Data Classes
I was snooping on the iRules editor using Wireshark and I noticed something when I changed an address class. Rather than doing an add_address_class, the iRules editor deletes the class then does a create on a new class. There are several issues with this from a transactional integrity issue. If the editor faults before the list is added again, we just lost the class, but what about the time between the delete and create.
If an iRule accesses a class that is not there, it faults and stops processing unless a catch is used. Should we be careful and not use the iRule editor to modify classes on a production box to avoid this? Granted the transactions are processed rapidly, but with 1000s of requests per second, I could see an issue in the time between the delete and the add.
I hope I am wrong here, but I would be interested in knowing the reasoning for handling the classes this way.
Thanks,
Tom Schaefer
Better Software Solutions, Inc.