For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Ashik_193456's avatar
Ashik_193456
Icon for Nimbostratus rankNimbostratus
Aug 30, 2016

High Speed Syslog issue

Hi All We have different Security devices (like Juniper , PA , ASA) each on different ports . We trying to load balance every syslog of every security device but infact we were failed in that like Juniper logs always will always go only on member of pool , even we use UDP stateless profile . Is there anything like irule ,that can we loadbalance the High Speed Syslog traffic ( Meanwhile we are using round robin for load balancing algorithm

 

application delivery
iRules
LTM

2 Replies

  • jgranieri's avatar
    jgranieri
    Icon for Nimbostratus rankNimbostratus
    Aug 30, 2016

    you will need an irule on top of a virtual server - the irule should do something like if source IP is x.x.x.x (PA src) then go to syslog_server_A and same for the remainder.

     

    Is this what you are trying to achieve?

     

  • Kai_Wilke's avatar
    Kai_Wilke
    Icon for MVP rankMVP
    Aug 30, 2016

    Hi Ashik,

    to load balance individual SYSLOG messages, you have to make sure...

    1. Your SYSLOG client are using UDP
    2. Persistence profiles are disabled on your Virtual Server.
    3. Round Robin Load Balancing is enabled on your pool.
    4. Every pool member has assigned the same priority group.
    5. The "Datagram LB" option on your UDP profile is enabled.

    6. If you have just enabled the "Datagram LB" option, then make sure to issue a: 

      tmsh delete sys connection cs-client-addr 1.2.3.4 protocol udp

    Cheers, Kai