Can iRules identify specific protocols?

Question

Hi.The feature I am trying to implement is to apply QoS for critical protocols like BGP and BFD,I received a response that there does not seem to be a separate function for Case Open results, and that it is possible to apply QoS with iRule, but it is not possible to identify the protocol.Q ) Is there any way to identify only BGP protocol using iRule?Thank you.

jrahm · Answer

Hi&nbsp;kdw313,&nbsp;if this is through-traffic that BIG-IP is handling and not an endpoint BGP speaker that you are referencing, you should be able to use an iRule with the binary scan command to check for BGP open messages. The value for the open message should be 1 in the 19th byte of the TCP payload. untested, but this should get you started:
when CLIENT_ACCEPTED {
    TCP::collect 19
}
when CLIENT_DATA {
    binary scan [TCP::payload] @18c bgp_message_type
    if {$bgp_message_type eq "\x01"} {
        log local0. "BGP Open message detected!"
    }
    TCP::release
}

whisperer · Answer

No. You should use a NGFW like Palo Alto with Content ID for this. Performing QoS and on the fly content identification is not a role for the F5.

Forum Discussion

Can iRules identify specific protocols?

Recent Discussions

Can you set Kerberos AAA server via session variable?

HTML Code injection Not detected by ASM

What will be happen to live and existing connections when failover HA BIG IP active-standby

SSL Offload and remove FQDN

High CPU utilization (100%).

Related Content

Proxy Protocol v2 Initiator

BIG-IP BGP Routing Protocol Configuration And Use Cases

How to Identify and Manage Scrapers (Pt. 1)

SSL protocol mismatch

Proxy Protocol Initiator

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS