Forum Discussion

Awkrd1_7470's avatar
Awkrd1_7470
Icon for Nimbostratus rankNimbostratus
Jul 22, 2011

Current connections not dropped when using command:discard

Hello,     I have a simple i-Rule implemented that is not doing what I expect it to do. I would like to discard any current or new connections to the pool (TCP reset) when the pool members <2. ...
application delivery
dev
devops
iRules
Austin_Geraci's avatar
Austin_Geraci
Icon for MVP rankMVP
Jul 24, 2011
I would have to run some dumps as I'm not sure what exactly happens at the tcp level with a "discard" within that event.. If it just "discards" the packet.. I would think you'd see a lot of tcp retransmissions from the host if you're not sending any tcp parms to the server/host.. just dropping packets..?

 

 

The discard wiki speaks to it as it does indeed discard the connection..

 

 

After "discard" is executed, the rule will continue until the end of the current event so "connection discarded ..." will be logged.

 

 

http://devcentral.f5.com/wiki/iRules.discard.ashx

 

 

but notice they show it used in the "SERVER_CONNECTED" event..

 

 

A lot of people miss the "action on service down" feature within a pool configuration. If you're not looking for much manipulation when droping the connection I would say it's a good option for you. Setting it to "reject" will send a TCP reset to the client and server forcing a close..

 

 

Gui.. Pool--->(advanced)Action On Service Down--->Reject

 

 

Bigpipe-

 

b pool test '{

 

action on svcdown reset

 

}'