Hi Stephan,
OK, i have made several more tests, i have one VS for both Radius Authentication and Accounting. Irule for that:
rule for RADIUS authentication udp/1812
when LB_SELECTED {
log local0. "session table entry added: "
session add uie "persist:[RADIUS::avp 31]" [LB::server addr]
}
rule for RADIUS accounting udp/1813
when CLIENT_DATA {
log local0. "session table lookup result: [session lookup uie "persist:[RADIUS::avp 31]"]"
if {[session lookup uie "persist:[IP::client_addr]"] ne ""} {
log local0. "lookup match: [session lookup uie "persist:[RADIUS::avp 31]"]"
node [session lookup uie "persist:[RADIUS::avp 31]"]
log local0. "session table entry added: "
session add uie "persist:[RADIUS::avp 8]" [IP::remote_addr]
}
}
When i send Radius Authentication packet i got the logs:
session table entry added:
session table lookup result: 172.16.34.100
It looks like session is never created, when trying:
root@(f5)(cfg-sync Standalone)(Active)(/Common)(tmos) show sys connection
Really display all connections? (y/n) y
Sys::Connections
172.16.34.102:35200 172.16.34.100:8 172.16.34.102:35200 172.16.34.100:8 icmp 1 (tmm: 0) none
172.16.34.102:32148 172.16.34.100:8 172.16.34.102:32148 172.16.34.100:8 icmp 6 (tmm: 0) none
172.16.34.102:42463 172.16.34.101:8 172.16.34.102:42463 172.16.34.101:8 icmp 5 (tmm: 1) none
172.16.34.102:57314 172.16.34.101:8 172.16.34.102:57314 172.16.34.101:8 icmp 10 (tmm: 0) none
Total records returned: 4
root@(f5)(cfg-sync Standalone)(Active)(/Common)(tmos)
I do see only icmp connection which are result of monitoring (probe). My persistence looks like:
root@(f5)(cfg-sync Standalone)(Active)(/Common)(tmos) show /ltm persistence persist-records
Sys::Persistent Connections
hash 0 172.16.33.103:any 172.16.34.100:any (tmm: 0)
Total records returned: 1
Why the session is never created ? And how can i display/monitor that ?
Also how can i differentiate accounting from authentication in CLIENT_DATA (i would like to search for framed-ip-addr only for accounting packets).
Thanks,
Michal