Mike_Maher
Jun 16, 2010

Trying to throttle logging

I am running the following iRule on some of my Virtuals. I had an issue where we tripped the first logging entry (log local0. "WARNING: Local server [LB::server addr] on port [LB::server port] just refused a connection") in the rule due to a particular server only being set up with ICMP monitoring, where it logged 76000 entries in less than a minute, causing a failover on my LTM. I have fixed the monitoring, but I have been tasked to make sure that this cannot happen again. So what I would like to do is set up logging so that it will only log 100 entries, then stop and wait for a time period before logging another 100 entries. Does anyone have an example of how to do this? Thanks

when LB_FAILED {
   if { [active_members [LB::server pool]] > 0 } {
      log local0. "WARNING: Local server [LB::server addr] on port [LB::server port] just refused a connection"
      LB::reselect
   } else {
      log local0. "Connection request made to local servers, sending to remote data center because LB_FAILED"
      node 1.2.3.4 80
      # Apply this snat to make the return traffic come back through this LTM
      snat 4.3.2.1
      # tell the LTM to backup and retry this connection to the hard coded address and port
      LB::reselect
   }
}

3 Replies

  • Hi Mike,

    You could take the logic from this Codeshare example and add it to your logging iRule:

    http://devcentral.f5.com/wiki/default.aspx/iRules/LogEveryXSeconds.html

    Note the 9.x and 10.1+ versions.

    Aaron
  • Aaron,

    Thanks for the link, I had actually just found it and was working it into my rule. If you wouldn't mind, take a look and see if I have implemented it appropriately within my rule. I have also added a status check to verify the remote node is up before sending the traffic. Still new to iRules, but finding the resources and folks on DevCentral to be very helpful. Thanks

    when RULE_INIT {
       # Initialize a variable to track the last time a log message was made
       set ::last_log_timestamp [clock seconds]
       # Shortest interval (in seconds) to log a message
       set ::min_log_interval 60
    }
    when LB_FAILED {
       # We still have local servers in the pool, but the server we picked timed out or reset the TCP connection
       # for some reason. Don't send them to the remote datacenter yet.
       if { [active_members [LB::server pool]] > 0 } {
          # Check if the log interval has passed
          if {[expr {[clock seconds] - $::last_log_timestamp}] > $min_log_interval} {
             log local0. "WARNING: Local server [LB::server addr] on port [LB::server port] just refused a connection"
             # Update the last run timestamp
             set ::last_log_timestamp [clock seconds]
             LB::reselect
          }
       }
       # Checks the status of the remote data center to make sure there are servers available to send to if there is
       # it will reject the connection
       if { [LB::status node 1.2.3.4] eq "down" } {
          reject
       } else {
          # We have one of 2 cases:
          # 1. All local pool servers are down by monitor
          # 2. All local pool servers have reached their connection limits
          log local0. "Connection request made to local servers, sending to remote data center because LB_FAILED"
          # resend the request to the following IP and port
          node 1.2.3.4 80
          # Apply this snat to make the return traffic come back through this LTM
          snat 4.3.2.1
          # tell the LTM to backup and retry this connection to the hard coded address and port
          LB::reselect
       }
    }

  • That looks good. I just changed the $min_log_interval to a global variable, $::min_log_interval, as this was an error in the Codeshare example.

    when RULE_INIT {
       # Initialize a variable to track the last time a log message was made
       set ::last_log_timestamp [clock seconds]
       # Shortest interval (in seconds) to log a message
       set ::min_log_interval 60
    }
    when LB_FAILED {
       # We still have local servers in the pool, but the server we picked timed out or reset the TCP connection
       # for some reason. Don't send them to the remote datacenter yet.
       if { [active_members [LB::server pool]] > 0 } {
          LB::reselect
          # Check if the log interval has passed
          if {[expr {[clock seconds] - $::last_log_timestamp}] > $::min_log_interval} {
             log local0. "WARNING: Local server [LB::server addr] on port [LB::server port] just refused a connection"
             # Update the last run timestamp
             set ::last_log_timestamp [clock seconds]
          }
       }
       # Checks the status of the remote data center to make sure there are servers available to send to if there is
       # it will reject the connection
       if { [LB::status node 1.2.3.4] eq "down" } {
          reject
       } else {
          # We have one of 2 cases:
          # 1. All local pool servers are down by monitor
          # 2. All local pool servers have reached their connection limits
          log local0. "Connection request made to local servers, sending to remote data center because LB_FAILED"
          # resend the request to the following IP and port
          node 1.2.3.4 80
          # Apply this snat to make the return traffic come back through this LTM
          snat 4.3.2.1
          # tell the LTM to backup and retry this connection to the hard coded address and port
          LB::reselect
       }
    }

    Aaron
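
The original question asked for a burst limit (100 entries, then nothing until a time period has passed) rather than one entry per interval. The iRule below shows that variant for the local-retry branch only; it is an added example, not code from the thread or from the Codeshare page. It reuses the thread's global-variable style, and the names `::log_burst`, `::log_window`, `::log_window_start` and `::log_count` are assumptions.

```tcl
when RULE_INIT {
   # Assumed names, following the global-variable style used in the thread
   # Maximum number of log entries written per window
   set ::log_burst 100
   # Window length in seconds
   set ::log_window 60
   # Start time of the current window
   set ::log_window_start [clock seconds]
   # LB_FAILED events seen in the current window (logged or not)
   set ::log_count 0
}
when LB_FAILED {
   if { [active_members [LB::server pool]] > 0 } {
      set now [clock seconds]
      # Open a new window once the current one has expired
      if { $now - $::log_window_start >= $::log_window } {
         # Summarise what was dropped so the flood is still visible in the log.
         # This line is written on the first event after the window expires.
         if { $::log_count > $::log_burst } {
            log local0. "WARNING: suppressed [expr {$::log_count - $::log_burst}] refused-connection messages in the previous window"
         }
         set ::log_window_start $now
         set ::log_count 0
      }
      incr ::log_count
      # Only the first $::log_burst events in a window are logged
      if { $::log_count <= $::log_burst } {
         log local0. "WARNING: Local server [LB::server addr] on port [LB::server port] just refused a connection"
      }
      # Retry on every failure, whether or not the event was logged
      LB::reselect
   }
}
```

With these values a failing member produces at most 101 log lines per 60 seconds (100 warnings plus one summary), and `LB::reselect` runs on every failure because it sits outside the logging condition.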