need help with iRule that is using a piece of TCP payload for persistence

Question

Guys,  
&nbsp;  need some help with the subject.  
&nbsp;  there is a communication going on between front-end and back-end servers.  
&nbsp;  communication consists of a number of separate TCP connections.  
&nbsp;  when initial connection goes from the front-end to the back-end server, the back-end servers gets picked up from the pool.  
&nbsp;  in reply the back-end server inserts its ID into a payload.  
&nbsp;  When fron-end servers initiates next TCP connection, it is inserting that ID into the payload. I'm using TCP::collect in order to catch that. and I'm able to see that ID. Means it is present and correct.  
&nbsp;  after i catch that ID i'm trying to send this connection to a specific back-end server..and i'm getting Tcl errors about address being in use.  
&nbsp;  tried using LB::detach before pool command - no luck.  
&nbsp;  any ideas?  
&nbsp;    
&nbsp;  when CLIENT_ACCEPTED {  
&nbsp;   TCP::collect 2 56  
&nbsp;  }  
&nbsp;    
&nbsp;  when CLIENT_DATA {  
&nbsp;   if {[TCP::payload 2] == "40" } {  
&nbsp;      pool  member   
&nbsp;      log local0. "the ID value is [TCP::payload 2]  
&nbsp;      }  
&nbsp;   elseif {[TCP::payload 2] == "50" } {  
&nbsp;      pool  member   
&nbsp;      log local0. "the ID value is [TCP::payload 2]  
&nbsp;      }  
&nbsp;   TCP::release  
&nbsp;  }  
&nbsp;    
&nbsp;  thx!

james_quinby_46 · Answer

Are you trying to simply persist based on the payload value you're collecting, or are you trying to send everyone who has value X to one pool/member and everyone with value Y somewhere else?

dmitry_kuzura · Answer

Trying to persist based on the value from the payload. 
&nbsp; whoever has value X is going to server X 
&nbsp; whoever has value Y is going to server Y 
&nbsp; whoever has different value is going through load balancing (did not include that into iRule example) 
&nbsp;  
&nbsp; thx!

james_quinby_46 · Answer

Could you post the exact rule you're using, and any errors that show up in /var/log/ltm?

dmitry_kuzura · Answer

when CLIENT_ACCEPTED { 
&nbsp; TCP::collect 2 56 
&nbsp; } 
&nbsp;  
&nbsp; when CLIENT_DATA { 
&nbsp; if {[TCP::payload 2] == "40" } { 
&nbsp; pool  member  
&nbsp; log local0. "the ID value is [TCP::payload 2] 
&nbsp; } 
&nbsp; elseif {[TCP::payload 2] == "50" } { 
&nbsp; pool  member  
&nbsp; log local0. "the ID value is [TCP::payload 2] 
&nbsp; } 
&nbsp; else { 
&nbsp; pool  
&nbsp; log local0. "initial load balancing" 
&nbsp; } 
&nbsp; TCP::release 
&nbsp; }  
&nbsp;  
&nbsp; do not have access to log right now. 
&nbsp; it looked like this: 
&nbsp;  
&nbsp; Nov 13 12:34:25 tmm tmm[]: 01220001:3: TCL error: Rule HASH-DATA-PERSIST  - Address in use (line 7) invoked from within "pool  pool member "

spark_86682 · Answer

The problem is that since you are using the  parameter to TCP::collect, the connection to the server is not being held up (see the TCP::collect wiki page for more on this). So by the time your pool commands are running, the server selection has already happened, and the connection to it has already been made. That's why you're getting the "address in use" error. Indeed, it's possible (though unlikely in practice) that some of those 56 bytes you're skipping have already been sent to it.  
&nbsp;  
&nbsp; What you should do is a regular "TCP::collect 58" and then in CLIENT_DATA just extract the two bytes you care about; that will hold up server selection and connection allowing you to choose a different server based on those bytes.

Forum Discussion

need help with iRule that is using a piece of TCP payload for persistence

7 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

Payload string based persistence

irule reject request when payload field is null

Help with tcp/http payload irule

Large payload post requests aren't responding

XFF Universal Persistence iRule