Forum Discussion

Zdenda

Cirrus

May 17, 2021

iRule node selection does not work

Hi,

we have iRule which is supposed to route traffic to specific IP and nexthop + do SNAT based on values in datagroup.

Problem is that command node seems to not be properly working. LB sends TCP Reset just after receiving TCP SYN.

When I remove node and use pool assigned to VIP it works fine.

when CLIENT_ACCEPTED {
   if {[class match [IP::local_addr] equals my_datagroup]}{
       set values [class match -value [IP::local_addr] equals my_datagroup]
       #node [lindex $values 1]
       # try to set node manually
       node 10.10.10.10 50
       nexthop [lindex $values 2] [lindex $values 3]
       if {[llength $values] > 4 }{
           snatpool [lindex $values 4]
       }
       else {
           snat automap
       }
       }
    }

I enabled logging of TCP RST reason (modify sys db tm.rstcause.log value enable) and got this info:

"Route domain is not reachable (strict mode).

But we have all objects in same partitinon/RD. Might it be that command "node" does not work properly at other than Common partition?

We are running at v 13.

Thanks,

Zdenek

application delivery

BIG-IP

iRules

spalande
May 17, 2021
Try using route domain ID. e.g. if your node resides in route domain 5
node 10.10.10.10%5 50

spalande
Nacreous
May 17, 2021
Try using route domain ID. e.g. if your node resides in route domain 5
node 10.10.10.10%5 50
- Zdenda
  Cirrus
  May 17, 2021
  Nice, that was it. Thanks for hint :)
  - spalande
    Nacreous
    May 17, 2021
    Glad it worked
MahonO168
Nimbostratus
May 18, 2021
I faced similar kind of issue last time, I am still searching for some proper solution.

ElonOne