nitass
Feb 14, 2013Employee
what about something like this?
control plane (RADIUS virtual server, UDP port 1812)
[root@ve10:Active] config b virtual rad_vs list
virtual rad_vs {
snat automap
pool rad_pool
destination 172.28.19.252:1812
ip protocol 17
rules rad_rule
profiles {
radiusLB {}
udp_gtm_dns {}
}
}
[root@ve10:Active] config b pool rad_pool list
pool rad_pool {
members {
200.200.200.101:1812 {}
200.200.200.111:1812 {}
}
}
[root@ve10:Active] config b rule rad_rule list
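rule rad_rule {
    # Control-plane iRule attached to the RADIUS virtual server rad_vs.
    #
    # For every RADIUS datagram it:
    #   1. persists on Calling-Station-Id (attribute 31), so all requests
    #      for one subscriber go to the same rad_pool member, and
    #   2. once the request also carries Framed-IP-Address (attribute 8)
    #      and a persistence record exists, stores
    #      Framed-IP-Address -> chosen server IP in the session table.
    #      data_rule reads that entry to send the subscriber's data
    #      traffic to the same server address.
    #
    # NOTE(review): both attributes are taken from the datagram as received;
    # nothing in this rule checks who sent it. Because the entry written
    # below steers data-plane traffic, limit the sources that can reach
    # this virtual server to the known RADIUS clients.
    when CLIENT_ACCEPTED {
        # Read each attribute once instead of re-parsing it per use.
        set calling_id [RADIUS::avp 31]
        set framed_ip  [RADIUS::avp 8]

        # Debug output. It runs on every request and writes subscriber
        # identifiers to the ltm log; remove or gate it outside of testing.
        log local0. "\[RADIUS::avp 31\] $calling_id"
        log local0. "\[RADIUS::avp 8\] $framed_ip"
        log local0. "\[persist lookup uie $calling_id\] [persist lookup uie $calling_id]"

        # Without a Calling-Station-Id there is no per-subscriber key, so
        # leave the request to normal load balancing rather than persisting
        # on an empty value.
        if {$calling_id eq ""} {
            return
        }

        persist uie $calling_id

        if {$framed_ip ne ""} {
            # The lookup result has the form: pool-name address port
            # (see the flow2 log line). The scan skips the pool name,
            # captures the address and skips the port.
            if {[scan [persist lookup uie $calling_id] {%*s%s%*d} ip] == 1} {
                # table add leaves an existing entry for the same key
                # untouched, and no timeout or lifetime is passed, so the
                # platform defaults apply.
                # NOTE(review): confirm the defaults cover the expected gap
                # before data traffic arrives, and decide how a re-assigned
                # Framed-IP-Address should replace a stale entry.
                # NOTE(review): the key is a bare IP in the shared table;
                # a dedicated subtable, used by both rules, would avoid
                # collisions with other iRules.
                table add $framed_ip $ip
            }
        }
    }
}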
data plane (data virtual server, TCP port 80)
[root@ve10:Active] config b virtual data_vs list
virtual data_vs {
snat automap
pool data_pool
destination 172.28.19.252:80
ip protocol 6
rules data_rule
}
[root@ve10:Active] config b pool data_pool list
pool data_pool {
members {
200.200.200.101:80 {}
200.200.200.111:80 {}
}
}
[root@ve10:Active] config b rule data_rule list
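rule data_rule {
    # Data-plane iRule attached to the TCP port 80 virtual server data_vs.
    #
    # Looks up the client source address in the session table. rad_rule
    # stores Framed-IP-Address -> server IP there. When an entry exists, the
    # connection is sent to that server address on port 80; otherwise the
    # virtual server's default pool data_pool load-balances it.
    #
    # The design relies on the data servers using the same addresses as the
    # RADIUS servers: both pools list 200.200.200.101 and 200.200.200.111.
    #
    # NOTE(review): the stored value comes from the shared session table, not
    # from this connection. Anything able to write that table, including
    # other iRules using bare IP keys, influences the member chosen here.
    when CLIENT_ACCEPTED {
        # One lookup, reused for the log line, the test and the selection,
        # so all three see the same value.
        set client_ip [IP::client_addr]
        set member_ip [table lookup $client_ip]

        # Debug output, emitted for every connection; drop it in production.
        log local0. "\[table lookup $client_ip\] $member_ip"

        if {$member_ip ne ""} {
            pool data_pool member $member_ip 80
        }
    }
    when SERVER_CONNECTED {
        # Records which server the connection actually reached.
        log local0. "client [IP::client_addr]:[TCP::client_port] server [IP::remote_addr]:[TCP::remote_port]"
    }
}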
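flow1: first RADIUS request, carrying Calling-Station-Id 0001.0203.0405 but no Framed-IP-Address; a universal persistence record is created for that Calling-Station-Id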
[root@ve10:Active] config tail -f /var/log/ltm
Feb 14 20:22:48 local/tmm info tmm[4909]: Rule rad_rule : [RADIUS::avp 31] 0001.0203.0405
Feb 14 20:22:48 local/tmm info tmm[4909]: Rule rad_rule : [RADIUS::avp 8]
Feb 14 20:22:48 local/tmm info tmm[4909]: Rule rad_rule : [persist lookup uie 0001.0203.0405]
[root@ve10:Active] config b persist show all
PERSISTENT CONNECTIONS
| Mode universal Value 0001.0203.0405
| virtual 172.28.19.252:1812 node 200.200.200.101:1812 age 13sec
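flow2: a later RADIUS request for the same Calling-Station-Id that also carries Framed-IP-Address 192.168.206.31; the persistence record from flow1 is found, so the rule can store 192.168.206.31 -> 200.200.200.101 in the session table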
[root@ve10:Active] config tail -f /var/log/ltm
Feb 14 20:23:17 local/tmm info tmm[4909]: Rule rad_rule : [RADIUS::avp 31] 0001.0203.0405
Feb 14 20:23:17 local/tmm info tmm[4909]: Rule rad_rule : [RADIUS::avp 8] 192.168.206.31
Feb 14 20:23:17 local/tmm info tmm[4909]: Rule rad_rule : [persist lookup uie 0001.0203.0405] rad_pool 200.200.200.101 1812
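flow3: data connection from 192.168.206.31; the table lookup returns 200.200.200.101 and the connection is sent to that server on port 80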
[root@ve10:Active] config tail -f /var/log/ltm
Feb 14 20:23:47 local/tmm info tmm[4909]: Rule data_rule : [table lookup 192.168.206.31] 200.200.200.101
Feb 14 20:23:47 local/tmm info tmm[4909]: Rule data_rule : client 192.168.206.31:50745 server 200.200.200.101:80