Forum Discussion

bdavis's avatar
bdavis
Icon for Nimbostratus rankNimbostratus
Dec 11, 2015

APM Session Variables fail to update in cache

I thought maybe someone can help me understand this. I have a Access Policy that contains a macro loop. Inside the macro there is a event id called in an irule that sets a session variable for example session.custom.test = 1. I then have a empty action that looks at this variable to determine which path in the policy it takes. I have found that any iteration of the loop after the first, the Access Policy does not read the updated value of this variable, but the past value from the first iteration of the loop.

 

I thought well maybe just setting it in the irule will not update the cache and VPE is pulling from cache. So I created a temp variable in the irule and then I set it to the session.custom.test in a variable assign inside the VPE. Same results. Can anyone tell me what I am doing wrong? Seems like a fairly simple procedure to be stuck on.

 

  • Hi Brett,

     

    You are running into a known issue. It is being tracked with ID 420284 and will be fixed in the next major release. There is no easy workaround for this.

     

    Basically once APD gets the variable from memcache (iRule) then it caches the value and will not go back to memcache during that same session.

     

    In the past I have seen where people use a counter loop and other logic in the iRule and VPE to make this work.

     

    -Seth

     

  • Here is a workaround I have used in the past.

    Add this iRule to the Virtual Server...

    when ACCESS_POLICY_AGENT_EVENT {
      if { [ACCESS::policy agent_id] eq "my_dns_lookup" } {
        if { [ACCESS::session data get session.my_loop_counter] eq "1" } {
          set hostname [ACCESS::session data get session.logon.last.MyHostDestination]
          ACCESS::session data set session.HostIP_1 [RESOLV::lookup @10.10.10.10 -a $hostname]
          set found [ACCESS::session data get session.HostIP_1]
          log local0. "Host: $hostname ...and what we found:$found ."
        } elseif { [ACCESS::session data get session.my_loop_counter] eq "2" } {
          set hostname [ACCESS::session data get session.logon.last.MyHostDestination]
          ACCESS::session data set session.HostIP_2 [RESOLV::lookup @10.10.10.10 -a $hostname]
          set found [ACCESS::session data get session.HostIP_2]
          log local0. "Host: $hostname ...and what we found:$found ."
        } elseif { [ACCESS::session data get session.my_loop_counter] eq "3" } {
          set hostname [ACCESS::session data get session.logon.last.MyHostDestination]
          ACCESS::session data set session.HostIP_3 [RESOLV::lookup @10.10.10.10 -a $hostname]
          set found [ACCESS::session data get session.HostIP_3]
          log local0. "Host: $hostname ...and what we found:$found ."
        }
      }
    }
    

    In the VPE...

    1. Create a new Variable Assign Object at the beginning of the policy (before the macro)

      Name: my_loop_counter initial
      Assignment: session.my_loop_counter = Text 0
      
    2. Create a new Variable Assign Object after the form where they enter the hostname.

      Name: my_loop_counter_assign
      Assignment: session.my_loop_counter = expr { [mcget {session.my_loop_counter}] + 1 }
      
    3. Create a new Variable Assign Object after the iRule Event Object (you will need to use the ID "my_dns_lookup" for the iRule Event Agent).

      Name: Variable Assign
      Assignment:
         session.HostIP = if { [mcget {session.my_loop_counter}] eq "1" }
                            { expr { [mcget {session.HostIP_1}] }
                          } elseif { [mcget {session.my_loop_counter}] eq "2" }
                            { expr { [mcget {session.HostIP_2}] }
                          } elseif { [mcget {session.my_loop_counter}] eq "3" }
                            { expr { [mcget {session.HostIP_3}] }
                          }
      

    You will then need to do your session.HostIP check later in the VPE.

    I hope this helps you get this configured.

    -Seth

  • bdavis's avatar
    bdavis
    Icon for Nimbostratus rankNimbostratus

    Thank you for the detailed feedback. I will take a look at this workaround and see if I can incorporate it into our design for the time being until the bug is resolved. Thanks for the help, I thought I was going crazy. :)

     

  • dupapa's avatar
    dupapa
    Icon for Nimbostratus rankNimbostratus

    My BigIP version is 16.1.4.1 and it's already 2024. And I still can reproduce the same issue with my Macro😓