iRule to ping host

LiveHTTPHeaders for Firefox is just an add-in install so probably your best bet.

The iRule needs to be assigned to specific Virtual Servers so you can decide which will log or won't.

It's too early to log the selected Pool Member in the CLIENT_ACCEPTED event. How about this (but test carefully, this could overwhelm your device if the connection count is high);

when LB_SELECTED {
  log local0. "Client [IP::addr [IP::client_addr] connected to real server IP: [LB::server addr]"
 }

Thanks Steve. Would the format be more like this though? I think there's some extra around the Client IP part as the iRules errored when I tried to set one up.

 

 

when LB_SELECTED {

 

log local0. "Client IP:[IP::client_addr] connected to real server IP: [LB::server addr]"

 

}

 

 

Also, just for my learning, when you say "It's too early to log the selected Pool Member in the CLIENT_ACCEPTED event." So the "CLIENT ACCEPTED" event is simply tied to the Load Balancer accepting the connection from the client, and at that point the LB has not yet connected the client to a member of the pool to determine a destination host IP? And I see where to assign the iRule to the Virtual Servers now, which for some reason I overlooked before.

For troubelshooting and debugging, inserting a header in evey resposne is the best option. The devoloper can tell directly, frrom his Firefox, which server is bahaving differently, without the need to inspect logs and trying to correlate his requests amongst potentially thousands others happening at the same time.

 

 

I do this on one of my sites and I dont insert the actual backend server IP, pool name and so on, but just code that we can easly decode back.

 

 

Thanks,

 

Mohamed.

 

The original iRule is correct although your version might still work.

 

 

Yes, you are correct regarding the events.

When I try to save the iRule as it is written I get this on the Load Balancer:

 

 

error: line 2: [parse error: missing close-bracket] [[IP::addr [IP::client_addr] connected to real server IP: [LB::server addr]" ]

 

 

It's set up like this in the LB. Am I missing something in the format?

 

 

when LB_SELECTED {

 

log local0. "Client [IP::addr [IP::client_addr] connected to real server IP: [LB::server addr]"

 

}

 

 

To change it I simply took out the "[IP::addr ", and changed it to "IP" and it seemed to save without error. Again, I'm new, so I'm not sure which format is ultimately correct. Thanks.

 

 

when LB_SELECTED {

 

log local0. "Client IP:[IP::client_addr] connected to real server IP: [LB::server addr]"

 

}

Your last code is correct.

 

 

Think of it this way (for more details google for TCL tutorials) :

 

 

you are callling a "function" called "log"

 

passing it two arguments, "local0." and a string.

 

 

The sting contains "expressions", the stuff between [], which are executed and replaced with the result of the expressions.

 

Your two expressions inside the string above are calls to the following functions:

 

 

https://devcentral.f5.com/wiki/irules.IP__client_addr.ashx

 

https://devcentral.f5.com/wiki/irules.LB__server.ashx

 

 

Thanks,

 

Mohamed.

 

 

 

The logging of the Client IP is working with this code below, thanks Mohamed and Steve. However, it seems I can't give the Sharepoint admins access to view the logs on the Big IP without giving them administrator access to the device, which I don't want to do.

 

 

when LB_SELECTED {

 

log local0. "Client IP:[IP::client_addr] connected to real server IP: [LB::server addr]"

 

}

 

 

So, I've been working on the HTTP header as Steve suggested, so they could use HTTPWatch, even Wireshark, to review the HTTP headers from response to seek the IP address of the member of the pool to which the client connected. However, I get syntax errors trying to save the code below as an iRule, and when I try to tweak it myself to where I finally get the iRule to save without error, when I try to connect to the Sharepoint site I basically get "the website cannot be found" in Internet Explorer. Once I remove the iRule I can hit the site. So, I'm not sure what I need to adjust so that I can get the IP address of the member server to which the client connected without using the logfiles on the Big IP. I'd like to set up something that the Sharepoint admins can access to review without giving them Admin access to the BigIP. I know the sharepoint servers that are members of the pool have IIS logs that will show the IP address of the connecting client, but in this case the IIS logs just show the IP address of the load balancer, rather than the client workstation, so even if there is a way to pass the Client IP through without messing with connectivity?

 

 

 

 

 

when LB_SELECTED {

 

set whichserver [LB::server addr]

 

}

 

when HTTP_REQUEST {

 

if { string tolower [HTTP::uri] equals "/whichserver" } {

 

HTTP::respond 200 content "Real server IP is: $whichserver" noserver Content-Type

 

"text/html" Connection "Close"

 

Stop processing the iRule for this event here

 

return }

 

}

 

The logging of the Client IP is working with this code below, thanks Mohamed and Steve. However, it seems I can't give the Sharepoint admins access to view the logs on the Big IP without giving them administrator access to the device, which I don't want to do.

 

 

when LB_SELECTED {

 

log local0. "Client IP:[IP::client_addr] connected to real server IP: [LB::server addr]"

 

}

 

 

So, I've been working on the HTTP header as Steve suggested, so they could use HTTPWatch, even Wireshark, to review the HTTP headers from response to seek the IP address of the member of the pool to which the client connected. However, I get syntax errors trying to save the code below as an iRule, and when I try to tweak it myself to where I finally get the iRule to save without error, when I try to connect to the Sharepoint site I basically get "the website cannot be found" in Internet Explorer. Once I remove the iRule I can hit the site. So, I'm not sure what I need to adjust so that I can get the IP address of the member server to which the client connected without using the logfiles on the Big IP. I'd like to set up something that the Sharepoint admins can access to review without giving them Admin access to the BigIP. I know the sharepoint servers that are members of the pool have IIS logs that will show the IP address of the connecting client, but in this case the IIS logs just show the IP address of the load balancer, rather than the client workstation, so even if there is a way to pass the Client IP through without messing with connectivity?

 

 

 

 

 

when LB_SELECTED {

 

set whichserver [LB::server addr]

 

}

 

when HTTP_REQUEST {

 

if { string tolower [HTTP::uri] equals "/whichserver" } {

 

HTTP::respond 200 content "Real server IP is: $whichserver" noserver Content-Type

 

"text/html" Connection "Close"

 

Stop processing the iRule for this event here

 

return }

 

}

 

It could be that you've used a line break that shouldn't be there on the line with HTTP::respond, it should all be one line. If it is still an issue, maybe it's the event order and we should skip one;

when HTTP_REQUEST {
 if { string tolower [HTTP::uri] equals "/whichserver" } {
 HTTP::respond 200 content "Real server IP is: [LB::server addr]" noserver Content-Type "text/html" Connection "Close"
 Stop processing the iRule for this event here
 return }
}

Nice work yet again with these examples Steve!

There were outer square braces missing from the URI check:

when HTTP_REQUEST {
if { [string tolower [HTTP::uri]] equals "/whichserver" } {
HTTP::respond 200 content "Real server IP is: [LB::server addr]" noserver Content-Type "text/html" Connection "Close"
Stop processing the iRule for this event here
return
}
}

Aaron