Forum Discussion
NimbostratusError on "when CLIENT_ACCEPTED" IRule
Hello,
I created the following Irule in order to increase the TCP idle TimeOut for certain applications. When a connexion occur, in /var/log/ltm file I see systematically the following error and it dosen't work properly:
Sep 5 15:42:11 F5-Prod err tmm[7623]: 01220001:3: TCL error: /Common/IR_TCP_TimeOut - no serverside connection established (line 1) invoked from within "TCP::server_port" ("1423" arm line 4) invoked from within "switch [TCP::local_port] { 1423 { .......
Even so my IRule is very simple :
when CLIENT_ACCEPTED {
switch [TCP::local_port] {
1423 {
set idle 3600
IP::idle_timeout 3600
}
default {
set idle 300
IP::idle_timeout 300
} } }
when SERVER_CONNECTED {
IP::idle_timeout $idle }
Do you have some idea? Thank you
8 Replies
steph_01_143006Hello,
The error occurs because the Big IP receive some UDP traffic. The script does not managed UDP port. so a filter must be added at the start of the script.
- steph_01_143006
I have built the following simple IRule. It's working fine but the timeout is increased for all flows (no filter on port).
when CLIENT_ACCEPTED { set the TCP idle timeout for the client to 3600 IP::idle_timeout 3600 } when SERVER_CONNECTED { set the TCP idle timeout for the server to 3600 IP::idle_timeout 3600 } - steph_01_143006
So no bug :-), but the problem still there. When a connexion occur with port 1423 there is the following error:
Sep 5 15:42:11 F5-Prod err tmm[7623]: 01220001:3: TCL error: /Common/IR_TCP_TimeOut - no serverside connection established (line 1) invoked from within "TCP::server_port" ("1423" arm line 4) invoked from within "switch [TCP::local_port] { 1423 { .......
- nitass
Employee
I suspected a bug with TCP::local_port ...
i did not get an error.
config [root@ve11a:Active:In Sync] config tmsh list ltm rule qux ltm rule qux { when CLIENT_ACCEPTED { log local0. "" switch [TCP::local_port] { 1423 { set idle 3600 IP::idle_timeout 3600 } default { set idle 300 IP::idle_timeout 300 } } } when SERVER_CONNECTED { log local0. "" IP::idle_timeout $idle } } /var/log/ltm [root@ve11a:Active:In Sync] config tail -f /var/log/ltm Sep 5 08:27:39 ve11a info tmm[15094]: Rule /Common/qux CLIENT_ACCEPTED: Sep 5 08:27:39 ve11a info tmm[15094]: Rule /Common/qux SERVER_CONNECTED: - steph_01_143006
It was just a test, because I don't really understand why there is an error.
I suspected a bug with TCP::local_port ...
- steph_01_143006
Yes this is the complete IRule.
I get the example here: https://devcentral.f5.com/wiki/iRules.IP__idle_timeout.ashx
When I replace "switch [TCP::local_port]" by "switch [TCP::server_port]" it doesn't work as well.
- nitasswhy do you want to change TCP::local_port to TCP::server_port? TCP::local_port is destination port on clientside connection (between client and bigip).
- nitass
Sep 5 15:42:11 F5-Prod err tmm[7623]: 01220001:3: TCL error: /Common/IR_TCP_TimeOut - no serverside connection established (line 1) invoked from within "TCP::server_port" ("1423" arm line 4) invoked from within "switch [TCP::local_port] { 1423 { .......
i do not see TCP::server_port in the irule. is it complete irule?
