Forum Discussion

kdw313's avatar
kdw313
Icon for Nimbostratus rankNimbostratus
Jun 29, 2023

Can iRules identify specific protocols?

Hi.

The feature I am trying to implement is to apply QoS for critical protocols like BGP and BFD,

I received a response that there does not seem to be a separate function for Case Open results, and that it is possible to apply QoS with iRule, but it is not possible to identify the protocol.

Q ) Is there any way to identify only BGP protocol using iRule?

Thank you.

2 Replies

  • Hi kdw313, if this is through-traffic that BIG-IP is handling and not an endpoint BGP speaker that you are referencing, you should be able to use an iRule with the binary scan command to check for BGP open messages. The value for the open message should be 1 in the 19th byte of the TCP payload. untested, but this should get you started:

    when CLIENT_ACCEPTED {
        TCP::collect 19
    }
    when CLIENT_DATA {
        binary scan [TCP::payload] @18c bgp_message_type
        if {$bgp_message_type eq "\x01"} {
            log local0. "BGP Open message detected!"
        }
        TCP::release
    }
  • No. You should use a NGFW like Palo Alto with Content ID for this. Performing QoS and on the fly content identification is not a role for the F5.