Forum Discussion
kng_51762
Nimbostratus
NimbostratusLog OneConnect Reuse
We are implementing OneConnect on all our web virtual servers and I am having a hard time verifying that OneConnect is actually reusing connections to the back end servers. The reason being is the web access logs aren't showing the proxied source ips from the ltm.
Without updating the apache/iis logging configs with the x-forwarder rule still produces a valid client source ip address.
Is there a way to log if and when the ltm is reusing a connection from the pool of usable connections? I'm using the following irule but not sure if the ONECONNECT::reuse is actually stating that the connection is being reused or merely that OneConnect is enabled.
when CLIENT_ACCEPTED {
TCP::collect
}
when CLIENT_DATA {
log local0.debug "OneConnect Status is [ONECONNECT::reuse]"
TCP::release
}
when LB_SELECTED {
log local0.debug "[IP::client_addr]:[TCP::client_port]: Selected [LB::server]"
}
when SERVER_CONNECTED {
log local0.debug "[IP::client_addr]:[TCP::client_port]: New connection to [IP::server_addr]:[TCP::server_port]"
}
We are running version 10.2.2 Build 763.3. Any help will be greatly appreciated.
Thanks.
nitassEmployee
isn't oneconnect stats acceptable?
sol8688: Overview of OneConnect profile statistics
http://support.f5.com/kb/en-us/solutions/public/8000/600/sol8688.html
anyway, for irule, i do not think SERVER_CONNECTED event is triggered on reused connection since it is existing connection.[root@ve1023:Active] config b virtual bar list virtual bar { snat automap pool foo destination 172.28.19.79:80 ip protocol 6 rules rule1 profiles { http {} oneconnect {} tcp {} } } [root@ve1023:Active] config b pool foo list pool foo { members { 200.200.200.101:80 {} 200.200.200.102:80 {} } } [root@ve1023:Active] config b rule rule1 list rule rule1 { when HTTP_RESPONSE { log local0. "client-side [IP::client_addr]:[TCP::client_port]->[IP::local_addr clientside]:[TCP::local_port clientside]|server-side [IP::local_addr]:[TCP::local_port]->[IP::remote_addr]:[TCP::remote_port]" } } [root@ve1023:Active] config b profile oneconnect stats reset [root@ve1023:Active] config tail -f /var/log/ltm Apr 5 02:06:22 local/tmm info tmm[4797]: Rule rule1 : client-side 172.28.65.161:55818->172.28.19.79:80|server-side 200.200.200.10:55818->200.200.200.101:80 Apr 5 02:06:23 local/tmm info tmm[4797]: Rule rule1 : client-side 172.28.65.161:55819->172.28.19.79:80|server-side 200.200.200.10:55819->200.200.200.102:80 Apr 5 02:06:28 local/tmm info tmm[4797]: Rule rule1 : client-side 172.28.65.161:55820->172.28.19.79:80|server-side 200.200.200.10:55818->200.200.200.101:80 Apr 5 02:06:33 local/tmm info tmm[4797]: Rule rule1 : client-side 172.28.65.161:55821->172.28.19.79:80|server-side 200.200.200.10:55819->200.200.200.102:80 [root@ve1023:Active] config b profile oneconnect PROFILE ONECONNECT oneconnect | (curr, max, reuse, new) = (2, 2, 2, 2)
kng_51762Hi nitass,
Thanks for the reply and helping with a newbie question. After some more digging and as you mentioned the oneconnect stats is sufficient and provides me with what I need. I think I was over thinking things and making it more complicated then it need to be.
Thanks again.
~k- nitassyou are welcome. :D