New Radius Profile

Hi all

 

I am trying to create a simplified alternative -thanks to v10.x changes- to David Wang's super radius irule at:

 

http://devcentral.f5.com/Tutorials/TechTips/tabid/63/articleType/ArticleView/articleId/149/Radius-Aware-Load-Balancing-via-iRules.aspx

 

 

What I am trying to achieve is detect only accounting start & stop messages, if we get one of these, they must be routed to one of 2 pool members depending on the modulo 2 value of the Frame IP address (don't ask).

 

If the message is an account stop, it must also delete the source based persistence entry for all other virtual servers. This entry should have the Frame-IP as the client IP.

 

Here's what I have at present:

 

-----------------------------------------------------------------------------------------

 

when CLIENT_ACCEPTED {

 

if { [UDP::payload length] > 4 } {

 

if {[RADIUS::code] == 4 } {

 

binary scan [RADIUS::avp 8] a* Frame_IP

 

binary scan [RADIUS::avp 40] H* statval

 

set Acc_Stat [expr 0x$statval]

 

if {$Acc_Stat == 1} {

 

binary scan [binary format c4 [split $fullval .]] H8 Hex

 

set decimal [expr 0x$Hex]

 

set modval [expr {$decimal % 2 }]

 

if { $modval == 0 } {

 

pool pool_radius member 1.1.1.1 1813

 

}

 

if { $modval == 1 } {

 

pool pool_radius member 1.1.1.1 1813

 

}

 

}

 

}

 

}

 

}

 

 

when LB_SELECTED {

 

if { $Acc_Stat == 2 } {

 

persist delete source "$Frame_IP any virtual"

 

}

 

}

 

-----------------------------------------------------------------------------------------

 

I have tried this code before, but we were not seeing the account stop messages come through correctly.

 

Would that be due to SOL11627 or is my code dodgy?

 

 

Regards

 

Jan