iCongo_Live_Dev
Mar 18, 2011Nimbostratus
F5 reboot when restarting a server from the pool
Hi everyone,
This irule will still send traffic to a non available server in the pool. Which causes a Syn flood. We were told this by support "Using the LB::reselect iRules command without a limiting mechanism may result in a SYN flood". Were not sure how to limit LB::reselect
Can somebody can confirm that the following script is out of issues?
when HTTP_REQUEST {
Check if there is already a cookie
set urlPath [HTTP::path]
if { [string match "/VTSFlashClientCacheWeb/*" $urlPath] } {
log local0. $urlPath
HTTP::header replace Host "www.vts.com:8180"
pool vts_8180
} elseif {[HTTP::cookie "TARGETNODE"] != ""}{
set cookieContent [split [HTTP::cookie "TARGETNODE"]]
log local0. "Set node to [lindex $cookieContent 0] [lindex $cookieContent 1] [lindex $cookieContent 2]"
pool [lindex $cookieContent 0] member [lindex $cookieContent 1] [lindex $cookieContent 2]
}
}
when HTTP_RESPONSE {
if {[HTTP::cookie "TARGETNODE"] != ""}{
HTTP::cookie remove "TARGETNODE"
}
set poolServer [LB::server]
if { $poolServer != "vts_8180 10.0.0.23 8180" } {
extract domain name from host to set cookie domain
set cookiedomain ".vts.com"
set header_host [HTTP::host]
for {set i 6} {$i > 1} {incr i -1} {
set tmp [getfield $header_host "." $i]
if { $tmp ne "" and $i > 2 } {
set cookiedomain $tmp
incr i -1
set cookiedomain ".[getfield $header_host "." $i].$cookiedomain"
break;
}
}
HTTP::cookie insert name "TARGETNODE" value [LB::server] path / domain $cookiedomain
}
}
when LB_FAILED {
HTTP::cookie remove "TARGETNODE"
LB::reselect
}