Forum Discussion

RiverFish
Nov 19, 2019

Clone traffic sent on port 0, need actual port

I tried the clone pool feature within the VIP settings but there's no traffic being sent to the clone server (not layer 2 adjacent). The iRule below works but the traffic is sent to the clone pool on x.x.x.x.0 instead of x.x.x.x.8897. The VIP, the assigned pool and the clone pool are all wildcard. The port is correct when sent to the assigned pool but it's 0 when sent to the clone pool. Customer needs the actual port on the clone pool. Any ideas?

PS. The customer uses 13 ports and counting. Would rather not create 13 VIPs, pools and iRules.

    when CLIENT_ACCEPTED {
        # Open a new HSL connection if one is not available
        set hsl [HSL::open -proto TCP -pool mooglamacc-clone-0-pl]
        #log local0. "[IP::client_addr]:[TCP::client_port]: New hsl: $hsl"
    }
    when HTTP_REQUEST {

        # Insert an XFF header if one is not inserted already
        # So the client IP can be tracked for the duplicated traffic
        HTTP::header insert X-Forwarded-For [IP::client_addr]

        # Check for POST requests
        if {[HTTP::method] eq "POST"} {

            # Check for Content-Length between 1b and 1Mb
            if { [HTTP::header Content-Length] >= 1 && [HTTP::header Content-Length] < 1048576 } {
                HTTP::collect [HTTP::header Content-Length]
            } elseif {[HTTP::header Content-Length] == 0} {
                # POST with 0 content-length, so just send the headers
                HSL::send $hsl [HTTP::request]
                #log local0. "[IP::client_addr]:[TCP::client_port]: Sending [HTTP::request]"
            }
        } else {
            # Request with no payload, so send just the HTTP headers to the clone pool
            HSL::send $hsl [HTTP::request]
            #log local0. "[IP::client_addr]:[TCP::client_port]: Sending [HTTP::request]"
        }
    }
    when HTTP_REQUEST_DATA {
        # The parser does not allow HTTP::request in this event, but it works
        set request_cmd "HTTP::request"
        #log local0. "[IP::client_addr]:[TCP::client_port]: Collected [HTTP::payload length] bytes,\
            sending [expr {[string length [eval $request_cmd]] + [HTTP::payload length]}] bytes total"
        HSL::send $hsl "[eval $request_cmd][HTTP::payload]"
    }

  • The problem is that your HSL pool (mooglamacc-clone-0-pl) does not have a port specified - you need to set the port there.

    • RiverFish

      S, yes it does work if I specify a port for the HSL pool but then I’d have to create 13 vips, 13 irules and 13 HSL pools, one for each port. Was hoping to avoid this.

      • Simon_Blakely

        You can't - on an HSL pool, the pool port specifies the port used to send the logging traffic.

        It's a different mechanism to a wildcard pool where the port is passed through to the pool member.

        You can still use a single VIP and iRule, but you will need 13 HSL pools and some decision logic or a datagroup lookup.

        Or don't use an HSL pool and use a sideband connection:

        Advanced iRules: Sideband Connections
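
The single-VIP, datagroup-lookup option from the reply above could look like the following. This is an added example, not code posted in the thread; the data group name `clone_port_pools_dg` and the per-port pool names are hypothetical. It shows only the pool selection and a headers-only send, so the POST payload collection from the original iRule would be kept alongside it.

```tcl
# Added example, not from the thread. Assumed (hypothetical) objects:
#   - string data group "clone_port_pools_dg" with one record per listener port,
#     e.g. key "8897" -> value "clone-8897-pl" (13 records for 13 ports)
#   - one HSL pool per record, each with the clone server defined on that fixed port
when CLIENT_ACCEPTED {
    # On a wildcard VIP, TCP::local_port is the port the client connected to
    set clone_pool [class match -value [TCP::local_port] equals clone_port_pools_dg]
    if { $clone_pool ne "" } {
        # Open the HSL connection to the pool that carries the matching port
        set hsl [HSL::open -proto TCP -pool $clone_pool]
    } else {
        # Unmapped port: skip cloning rather than send the copy to the wrong port
        log local0. "No clone pool mapped for port [TCP::local_port]"
    }
}
when HTTP_REQUEST {
    # Clone only when CLIENT_ACCEPTED found a mapping for this connection
    if { [info exists hsl] } {
        HSL::send $hsl [HTTP::request]
    }
}
```

Adding a 14th port then means one new HSL pool and one new data group record, with no change to the VIP or the iRule.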