Forum Discussion

Roflcopter's avatar
Roflcopter
Icon for Nimbostratus rankNimbostratus
Aug 15, 2017

TCP::Close when pool is down

We have a scenario where a remote client will make a TCP connection to the F5 and in turn a backend server.

 

We are using MBLB to load balance the traffic to backend servers.

 

This TCP connection could stay open for a while and it could be a while between messages. This works great so far.

 

What we need to finish it off though is in the event that all pool members are down there is a TCP::Close sent back to the clients.

 

I have got this working by using the LB_FAILED as below -

 

when LB_FAILED {

 

log local0. "LB FAILED"

 

if { [active_members MY_POOL] == 0 } { TCP::close log local0. "TCP CLOSED" } }

 

However this only works if a new message is received once the pool members are down. It doesn't trigger off a TCP::Close if the pool members go down.

 

I can't find a way to use the pool down event to then trigger off a TCP::Close.

 

application delivery
iRules
LTM

4 Replies

Sort By
  • Jad_Tabbara__J1's avatar
    Jad_Tabbara__J1
    Icon for Cirrostratus rankCirrostratus
    Aug 15, 2017

    Hi,

    If I understood well, you want to "reset" all existing connections as soon as all pool members of your pool goes down ?

    If that's what you are looking for, then your irule wont work because the irule will run only when receive a "new connection" on the VS.

    If you want to reset all existing client-side connections, as "iaine" said you could try to set the pool feature "Action On Service Down" to "reject".

    Otherwise, If you want to manage this from you irule you need to call an external script within your irule using iCall for example. Then from this script, you can use tmsh command to reset all connections of a particular VS. 

    `tmsh delete sys connection cs-server-addr "VIP_addr"`

    Hope it helps

  • jaikumar_f5's avatar
    jaikumar_f5
    Icon for MVP rankMVP
    Aug 17, 2017

    Dint you try the Action on Service Down - Reject option. Refer the "JTI" options.