Bilal_9919
Dec 03, 2011Nimbostratus
iRule to change Destination IP
Hello Team,
I am using clone pool to duplicate the syslog packets to syslog-ng. I see packets been duplicated on F5 and forwarded to host on clone pool by wiresharking on syslog-ng and also the utilisation counter on F5. This is the traffic flow:
1. Client send syslog messages to F5 VIP (1.1.1.1);
2. F5 receives the packet and sends to standard load balancing pool (2.2.2.2);
3. At same time, packet is duplicated and send to clone pool member syslog-ng (3.3.3.3);
4. The duplicated packet sent to syslog-ng doesn't change the packet destination IP and still preserves as 1.1.1.1 F5 VIP. When packet is received on 3.3.3.3 the destination MAC is of 3.3.3.3, but destination IP is 1.1.1.1. I can confirm this via wireshark and sees on physical interface, but IP layer checking discard the packet, because of mismatch of MAC and IP.
I confirm this by assiging the secondary IP on syslog-ng as 1.1.1.1 and I start receiving the packet...just a nasty trick. The clone pool is doing it's job by not changing the destination IP as it was designed for IDS.
I am thinking to write an iRule to change the destination IP to syslog-ng (3.3.3.3) from 1.1.1.1. when packet is duplicated and before sent on wire.
I am not a good programmer as someone please help in writing this iRule.
Thanks in advance.