Forum Discussion

bahrampeymani's avatar
bahrampeymani
Icon for Nimbostratus rankNimbostratus
Mar 06, 2024

ISO 8583 pos transaction and one connect (multiplext to backend server)

Hello i have many pos and what connect to F5 for manage and loadbalance - all connection send to F5 and want to one session ( one connect ) multiplex like this pic 

my v:

ltm virtual TEST {
    cmp-enabled no
    destination 192.168.1.27:2022
    ip-protocol tcp
    mask 255.255.255.255
    pool TEST_POOL
    profiles {
        TEST-ISO { }
        profile_mblb { }
        tcp { }
    }
    rules {
        TEST-3
    }
    serverssl-use-sni disabled
    source 0.0.0.0/0
    source-address-translation {
        type automap
    }
    translate-address enabled
    translate-port enabled
    vs-index 2
}

 

my: mblb

ltm profile mblb profile_mblb {
    defaults-from /Common/mblb
    egress-high 1000
    egress-low 900
    ingress-high 1000
    ingress-low 900
    isolate-abort enabled
    isolate-client disabled
    isolate-expire enabled
    isolate-server enabled
}

 

my: oneconnect

ltm profile one-connect TEST-ISO {
    app-service none
    defaults-from oneconnect
    idle-timeout-override disabled
    limit-type none
    max-age 86400
    max-reuse 1000
    max-size 1
    share-pools disabled
    source-mask any
}

 

irule:

when CLIENT_ACCEPTED {
  log local0. "[IP::client_addr]"
  #LB::context_id "server"
  TCP::collect
}
when CLIENT_DATA {
  if {[binary scan [TCP::payload] S length] == 1 && [expr { ($length & 0xffff) +2 }] == [TCP::payload length]} {
    log local0. "This packet length meets header length value : Header value : [expr { ($length & 0xffff) }] / Packet Length : [TCP::payload length]"
    TCP::release
    TCP::notify request
    TCP::collect
  } else {
    
    log local0. "This packet length doesn't meet header length value... this is not a valid ISO 8583 packet. reject the connection"
    reject
  }
}
when USER_REQUEST {
  TCP::notify response
  LB::detach
}

 

can help me ?

plz

 

LTM
  • boneyard's avatar
    boneyard
    Icon for MVP rankMVP
    Mar 10, 2024

    I see something similar asked here and that is probably where the iRule comes from right?

    ISO 8583 Load Balancing | DevCentral

     

    There someone is also saying it doesnt work for them, that is the same for you? Do you get errors or anything that can help working to a solution?

     

    It seems a not very broad used protocol, you can for sure contact F5 support and see if they can assist. Next to that reach out to your account team, perhaps they can reach out internally to a finance vertical SE with experience on this.

    • bahrampeymani's avatar
      bahrampeymani
      Icon for Nimbostratus rankNimbostratus
      Mar 11, 2024

      Thanks a lot for answer 

      i checked it multi time 

      but problem is that i need multiplex tcp session to backend server means else one session to server 

      can help

      ???