Forum Discussion
amolari
Cirrostratus
Cirrostratusmulti profile uie persistence, match accross VS
hi
I have an application that need to persist on the same backend. The application makes first a HTTPS connection, then a TCP connection and would eventually switch to udp connection. It use its own message ID mechanism and this is present in the HTTP request, the TCP and UDP payload. I wrote 3 irules for universal persistence and all are able to find properly that message id (uid) for the persistence. I have configured a "match accross virtual server" for all 3 persistence profiles. It results that we create a persistence record with the persistence irule of HTTPS-VS but it won't be reused for the tcp or udp connection. Here my irules:
HTTPS:
when HTTP_REQUEST {
if { [HTTP::query] starts_with "uid=" } {
set uid [findstr [HTTP::query] uid= 4 ]
if { not (($uid eq "") || ($uid eq "(null)")) }{
persist uie $uid
log local0. "using persistence for UID ($uid): [persist lookup uie $uid]"
}
}
}
TCP:
when CLIENT_ACCEPTED {
TCP::collect 24
}
when CLIENT_DATA {
set offset_header 16
set clientData [TCP::payload]
binary scan $clientData @${offset_header}ccii sig ver size UIDdata
log local0. "sig=[format %x [expr {$sig & 0xFF}]] , ver=$ver, size=$size, UID=$UIDdata"
persist uie $UIDdata
log local0. "using persistence for UID ($UIDdata): [persist lookup uie $UIDdata]"
TCP::release
}
UDP:
when CLIENT_DATA {
set offset_header 8
set clientData [UDP::payload 24]
binary scan $clientData @${offset_header}ccii sig ver size UIDdata
log local0. "sig=[format %x [expr {$sig & 0xFF}]] , ver=$ver, size=$size, UID=$UIDdata"
persist uie $UIDdata
log local0. "using persistence for UID ($UIDdata): [persist lookup uie $UIDdata]"
}
In the logs we see the following:
http_uie : using persistence for UID (4): /Common/HTTPS_Pool 192.168.2.50 443
tcp_uie : sig=ac , ver=8, size=293, UID=4
tcp_uie : using persistence for UID (4):
udp_uie : sig=ad , ver=8, size=59, UID=4
udp_uie : using persistence for UID (4):
udp_uie : sig=ad , ver=8, size=59, UID=4
udp_uie : using persistence for UID (4):
and the persistence table shows the entries
Sys::Persistent Connections
universal 4 192.168.1.4:443 192.168.2.50:443 (tmm: 1)
universal 4 192.168.1.4:443 192.168.2.50:443 (tmm: 0)
Total records returned: 2
so my question is: why the subsequent uie persistence doesn't work ?
Thanks
Alex
nitassEmployee
It results that we create a persistence record with the persistence irule of HTTPS-VS but it won't be reused for the tcp or udp connection.
what version are you running? are https, tcp and udp virtual server addresses in the same traffic-group?
BIG-IP 11.4 Behavior Change: Global Data Now Partitioned by Traffic Group by Jason Rahm
https://devcentral.f5.com/articles/big-ip-114-behavior-change-global-data-now-partitioned-by-traffic-groupanyway, about udp virtual server, i think you may have to enable datagram-load-balancing and move irule to CLIENT_ACCEPTED event instead of CLIENT_DATA.
- nitass
v11.6. same traffic-group.
i got null lookup result too but it seemed persistence is working. does it work on yours?
- nitass
got it.
e.g.
http virtual server root@(ve11c)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual barhttp ltm virtual barhttp { destination 172.28.24.10:80 ip-protocol tcp mask 255.255.255.255 persist { myuie { default yes } } pool foohttp profiles { http { } tcp { } } rules { quxhttp } source 0.0.0.0/0 source-address-translation { type automap } vs-index 46 } root@(ve11c)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm pool foohttp ltm pool foohttp { members { 200.200.200.101:80 { address 200.200.200.101 } 200.200.200.111:80 { address 200.200.200.111 } } } root@(ve11c)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm persistence universal myuie ltm persistence universal myuie { app-service none defaults-from universal match-across-virtuals enabled } root@(ve11c)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm rule quxhttp ltm rule quxhttp { when HTTP_REQUEST { set id [URI::query [HTTP::uri] id] persist uie $id } when HTTP_RESPONSE { log local0. "\[persist lookup uie $id\]=[persist lookup uie $id]" } } tcp virtual server root@(ve11c)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual bar999 ltm virtual bar999 { destination 172.28.24.90:999 ip-protocol tcp mask 255.255.255.255 persist { myuie { default yes } } pool foo999 profiles { tcp { } } rules { qux999 } source 0.0.0.0/0 source-address-translation { type automap } vs-index 47 } root@(ve11c)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm pool foo999 ltm pool foo999 { members { 200.200.200.101:999 { address 200.200.200.101 } 200.200.200.111:999 { address 200.200.200.111 } } } root@(ve11c)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm persistence universal myuie ltm persistence universal myuie { app-service none defaults-from universal match-across-virtuals enabled } root@(ve11c)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm rule qux999 ltm rule qux999 { when CLIENT_ACCEPTED { TCP::collect 1 } when CLIENT_DATA { set id [TCP::payload 1] persist uie $id log local0. "\[persist lookup uie $id\]=[persist lookup uie "$id any"]" } } /var/log/ltm [root@ve11c:Active:In Sync] config tail -f /var/log/ltm May 7 22:45:41 ve11c info tmm[5649]: Rule /Common/quxhttp : [persist lookup uie 1]=/Common/foohttp 200.200.200.101 80 May 7 22:45:51 ve11c info tmm[5649]: Rule /Common/qux999 : [persist lookup uie 1]=/Common/foohttp 200.200.200.101 80 - nitass
i adjusted log command a bit but i cannot edit the previous post, so i post the revised one here.
http virtual server root@(ve11c)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual barhttp ltm virtual barhttp { destination 172.28.24.10:80 ip-protocol tcp mask 255.255.255.255 persist { myuie { default yes } } pool foohttp profiles { http { } tcp { } } rules { quxhttp } source 0.0.0.0/0 source-address-translation { type automap } vs-index 46 } root@(ve11c)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm pool foohttp ltm pool foohttp { members { 200.200.200.101:80 { address 200.200.200.101 } 200.200.200.111:80 { address 200.200.200.111 } } } root@(ve11c)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm persistence universal myuie ltm persistence universal myuie { app-service none defaults-from universal match-across-virtuals enabled } root@(ve11c)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm rule quxhttp ltm rule quxhttp { when HTTP_REQUEST { set id [URI::query [HTTP::uri] id] persist uie $id } when HTTP_RESPONSE { log local0. "\[persist lookup uie \"$id any\"\]=[persist lookup uie "$id any"]" } } tcp virtual server root@(ve11c)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual bar999 ltm virtual bar999 { destination 172.28.24.90:999 ip-protocol tcp mask 255.255.255.255 persist { myuie { default yes } } pool foo999 profiles { tcp { } } rules { qux999 } source 0.0.0.0/0 source-address-translation { type automap } vs-index 47 } root@(ve11c)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm pool foo999 ltm pool foo999 { members { 200.200.200.101:999 { address 200.200.200.101 } 200.200.200.111:999 { address 200.200.200.111 } } } root@(ve11c)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm persistence universal myuie ltm persistence universal myuie { app-service none defaults-from universal match-across-virtuals enabled } root@(ve11c)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm rule qux999 ltm rule qux999 { when CLIENT_ACCEPTED { TCP::collect 1 } when CLIENT_DATA { set id [TCP::payload 1] persist uie $id log local0. "\[persist lookup uie \"$id any\"\]=[persist lookup uie "$id any"]" } } /var/log/ltm [root@ve11c:Active:In Sync] config tail -f /var/log/ltm May 7 22:51:31 ve11c info tmm[5649]: Rule /Common/quxhttp : [persist lookup uie "9 any"]=/Common/foohttp 200.200.200.111 80 May 7 22:51:46 ve11c info tmm[5649]: Rule /Common/qux999 : [persist lookup uie "9 any"]=/Common/foohttp 200.200.200.111 80