Forum Discussion
iRULE not working for ipfix log publisher.
Hello All,
I have one iRULE created which is being used to publish ipfix to my vRNI Collector.
When I Check stastistics around iRULE I can see for RULE_INIT,CLIENT_ACCEPTED and SERVEr_CONNECTED Events there are data present and no failures are there.
But when I check for SERVER_CLOSED,CLIENT_CLOSED Events there are zero events present. Why is it happening. I am guessing because of this logs are not being published to my ipfix collector.
Can someone please let me know how to debug this. I have pasted my iRULE here->
when RULE_INIT {
set static::http_rule1_dest ""
set static::http_rule1_tmplt ""
}
# CLIENT_ACCEPTED event to initiate IPFIX destination and template
when CLIENT_ACCEPTED {
set start [clock clicks -milliseconds]
if { $static::http_rule1_dest == ""} {
# open the logging destination if it has not been opened yet
set static::http_rule1_dest [IPFIX::destination open -publisher /Common/Netflow_Collector_LogPublisher]
}
if { $static::http_rule1_tmplt == ""} {
# if the template has not been created yet, create the template
set static::http_rule1_tmplt [IPFIX::template create "flowStartMilliseconds \
sourceIPv4Address \
sourceIPv6Address \
destinationIPv4Address \
destinationIPv6Address \
sourceTransportPort \
destinationTransportPort \
protocolIdentifier \
octetTotalCount \
packetTotalCount \
octetDeltaCount \
packetDeltaCount \
postNATSourceIPv4Address \
postNATSourceIPv6Address \
postNATDestinationIPv4Address \
postNATDestinationIPv6Address \
postNAPTSourceTransportPort \
postNAPTDestinationTransportPort \
postOctetTotalCount \
postPacketTotalCount \
postOctetDeltaCount \
postPacketDeltaCount \
flowEndMilliseconds \ "]
}
set rule1_msg1 [IPFIX::msg create $static::http_rule1_tmplt]
}
# SERVER_CONNECTED event to initiate flow data to VMware Aria Operations for Networks and populate 5 tuples
when SERVER_CONNECTED {
set client_closed_flag 0
set server_closed_flag 0
IPFIX::msg set $rule1_msg1 flowStartMilliseconds $start
IPFIX::msg set $rule1_msg1 protocolIdentifier [IP::protocol]
# Clientside
if { [clientside {IP::version}] equals "4" } {
# Client IPv4 address
IPFIX::msg set $rule1_msg1 sourceIPv4Address [IP::client_addr]
# BIG-IP IPv4 VIP address
IPFIX::msg set $rule1_msg1 destinationIPv4Address [clientside {IP::local_addr}]
} else {
# Client IPv6 address
IPFIX::msg set $rule1_msg1 sourceIPv6Address [IP::client_addr]
# BIG-IP IPv6 VIP address
IPFIX::msg set $rule1_msg1 destinationIPv6Address [clientside {IP::local_addr}]
}
# Client port
IPFIX::msg set $rule1_msg1 sourceTransportPort [TCP::client_port]
# BIG-IP VIP port
IPFIX::msg set $rule1_msg1 destinationTransportPort [clientside {TCP::local_port}]
# Serverside
if { [serverside {IP::version}] equals "4" } {
# BIG-IP IPv4 self IP address
IPFIX::msg set $rule1_msg1 postNATSourceIPv4Address [IP::local_addr]
# Server IPv4 IP address
IPFIX::msg set $rule1_msg1 postNATDestinationIPv4Address [IP::server_addr]
} else {
# BIG-IP IPv6 self IP address
IPFIX::msg set $rule1_msg1 postNATSourceIPv6Address [IP::local_addr]
# Server IPv6 IP address
IPFIX::msg set $rule1_msg1 postNATDestinationIPv6Address [IP::server_addr]
}
# BIG-IP self IP port
IPFIX::msg set $rule1_msg1 postNAPTSourceTransportPort [TCP::local_port]
# Server port
IPFIX::msg set $rule1_msg1 postNAPTDestinationTransportPort [TCP::server_port]
}
# SERVER_CLOSED event to collect IP pkts and bytes count on serverside
when SERVER_CLOSED {
set server_closed_flag 1
# when flow is completed, BIG-IP to server REQUEST pkts and bytes count
IPFIX::msg set $rule1_msg1 octetTotalCount [IP::stats bytes out]
IPFIX::msg set $rule1_msg1 packetTotalCount [IP::stats pkts out]
# when flow is completed, server to BIG-IP RESPONSE pkts and bytes count
IPFIX::msg set $rule1_msg1 octetDeltaCount [IP::stats bytes in]
IPFIX::msg set $rule1_msg1 packetDeltaCount [IP::stats pkts in]
IPFIX::destination send $static::http_rule1_dest $rule1_msg1
}
# CLIENT_CLOSED event to collect IP pkts and bytes count on clientside
when CLIENT_CLOSED {
set client_closed_flag 1
# when flow is completed, client to BIG-IP REQUEST pkts and bytes octetDeltaCount
IPFIX::msg set $rule1_msg1 postOctetTotalCount [IP::stats bytes in]
IPFIX::msg set $rule1_msg1 postPacketTotalCount [IP::stats pkts in]
# when flow is completed, BIG-IP to client RESPONSE pkts and bytes count
IPFIX::msg set $rule1_msg1 postOctetDeltaCount [IP::stats bytes out]
IPFIX::msg set $rule1_msg1 postPacketDeltaCount [IP::stats pkts out]
# record the client closed time in ms
IPFIX::msg set $rule1_msg1 flowEndMilliseconds [clock click -milliseconds]
# send the IPFIX log
IPFIX::destination send $static::http_rule1_dest $rule1_msg1
}
Thanks all for your reply it was resolved by changing VS settings as below->
Type: Standard Protocol Profile (Client): apm-forwarding-client-tcp Protocol Profile (Server): (Use Client Profile) HTTP Profile (Server): (Use Client Profile) </p
- sbasuNimbostratus
Thanks all for your reply it was resolved by changing VS settings as below->
Type: Standard Protocol Profile (Client): apm-forwarding-client-tcp Protocol Profile (Server): (Use Client Profile) HTTP Profile (Server): (Use Client Profile) </p
- Leslie_HubertusRet. Employee
I wonder if Paulius can assist with this one?
I've floated your post to the top of the forum for more visibility.
sbasu - I marked your reply using the *Accept As Solution*.
This helps future readers find answers more quickly and confirms the efforts of those who helped.If you think there are other replies that should also be marked as Solution, please do. More than one reply can contribute to an acceptable solution.
Thanks for being part of our community.
Lief
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com