Forum Discussion
Piotr_Lewandows
Altostratus
AltostratusOneConnect, no HTTP profile, still per HTTP request LB?
Hi,
My understanding was that one of the functions of service or protocol profiles is to allow LTM to decode, understand and manipulate protocol data at given layer.
In Overview of the OneConnect p...
nitass_89166
Noctilucent
NoctilucentWith OC first TCP connection (and in turn first HTTP request) will be LB to first server, second HTTP request in the same TCP connection to second server and so on
i do not think so. i think without http profile, bigip will not know when to detach server-side connection.
with http profile
root@(ve11c)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual bar
ltm virtual bar {
destination 172.28.24.10:80
ip-protocol tcp
mask 255.255.255.255
pool foo
profiles {
http { }
oneconnect { }
tcp { }
}
rules {
qux
}
source 0.0.0.0/0
source-address-translation {
type automap
}
vs-index 29
}
root@(ve11c)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm pool foo
ltm pool foo {
members {
200.200.200.101:80 {
address 200.200.200.101
}
200.200.200.111:80 {
address 200.200.200.111
}
}
}
root@(ve11c)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm rule qux
ltm rule qux {
when HTTP_REQUEST {
set host [HTTP::host]
set uri [HTTP::uri]
}
when HTTP_RESPONSE {
log local0. "client=[IP::client_addr]:[TCP::client_port] \
host=$host uri=$uri \
status=[HTTP::status] \
snat=[IP::local_addr]:[TCP::local_port] \
server=[IP::server_addr]:[TCP::server_port]"
}
}
/var/log/ltm
[root@ve11c:Active:In Sync] config tail -f /var/log/ltm
Apr 21 17:29:13 ve11c info tmm1[5649]: Rule /Common/qux : client=172.28.24.8:33073 host=172.28.24.10 uri=/ status=200 snat=200.200.200.14:33073 server=200.200.200.101:80
Apr 21 17:29:13 ve11c info tmm1[5649]: Rule /Common/qux : client=172.28.24.8:33073 host=172.28.24.10 uri=/ status=200 snat=200.200.200.14:33073 server=200.200.200.111:80
Apr 21 17:29:13 ve11c info tmm1[5649]: Rule /Common/qux : client=172.28.24.8:33073 host=172.28.24.10 uri=/ status=200 snat=200.200.200.14:33073 server=200.200.200.101:80
Apr 21 17:29:13 ve11c info tmm1[5649]: Rule /Common/qux : client=172.28.24.8:33073 host=172.28.24.10 uri=/ status=200 snat=200.200.200.14:33073 server=200.200.200.111:80
Apr 21 17:29:13 ve11c info tmm1[5649]: Rule /Common/qux : client=172.28.24.8:33073 host=172.28.24.10 uri=/ status=200 snat=200.200.200.14:33073 server=200.200.200.101:80
Apr 21 17:29:13 ve11c info tmm1[5649]: Rule /Common/qux : client=172.28.24.8:33073 host=172.28.24.10 uri=/ status=200 snat=200.200.200.14:33073 server=200.200.200.111:80
without http profile
root@(ve11c)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual bar
ltm virtual bar {
destination 172.28.24.10:80
ip-protocol tcp
mask 255.255.255.255
pool foo
profiles {
http { }
tcp { }
}
rules {
qux
}
source 0.0.0.0/0
source-address-translation {
type automap
}
vs-index 29
}
/var/log/ltm
[root@ve11c:Active:In Sync] config tail -f /var/log/ltm
Apr 21 17:30:02 ve11c info tmm[5649]: Rule /Common/qux : client=172.28.24.8:33086 host=172.28.24.10 uri=/ status=200 snat=200.200.200.14:33086 server=200.200.200.101:80
Apr 21 17:30:02 ve11c info tmm[5649]: Rule /Common/qux : client=172.28.24.8:33086 host=172.28.24.10 uri=/ status=200 snat=200.200.200.14:33086 server=200.200.200.101:80
Apr 21 17:30:02 ve11c info tmm[5649]: Rule /Common/qux : client=172.28.24.8:33086 host=172.28.24.10 uri=/ status=200 snat=200.200.200.14:33086 server=200.200.200.101:80
Apr 21 17:30:02 ve11c info tmm[5649]: Rule /Common/qux : client=172.28.24.8:33086 host=172.28.24.10 uri=/ status=200 snat=200.200.200.14:33086 server=200.200.200.101:80
Apr 21 17:30:02 ve11c info tmm[5649]: Rule /Common/qux : client=172.28.24.8:33086 host=172.28.24.10 uri=/ status=200 snat=200.200.200.14:33086 server=200.200.200.101:80
Apr 21 17:30:02 ve11c info tmm[5649]: Rule /Common/qux : client=172.28.24.8:33086 host=172.28.24.10 uri=/ status=200 snat=200.200.200.14:33086 server=200.200.200.101:80
dragonflymrCirrostratus
@nitass, thanks, so what this description from sol means? Is that plain wrong or I just misunderstand what is stated there - what is your interpretation of description from sol? Piotr- dragonflymrBTW, in your test described as without HTTP profile, it looks like it is with http profile but without OC profile - Am I wrong? Piotr
- nitass_89166oops sorry i was blur. :)
- dragonflymrThanks a lot for your time. Seems that description from sol assumes some "magic" knowledge :-) instead of providing clear explanation. I was skeptical that in described situation (without iRule) LB is per packet and it turned out that I was right. One side question about stats displayed by show ltm pool foo pool members (from first listing): --------------------------------------------------------------------- Ltm::Pool: foo --------------------------------------------------------------------- Status Availability : unknown State : enabled Reason : The children pool member(s) either don't have service checking enabled, or service check results are not available yet Monitor : none Minimum Active Members : 0 Current Active Members : 0 Total Requests : 0 Current Sessions : 0 What is listed in Current Active Members counter? Members having open connections at the time when show commend was issued? Total Requests : 0 - why it's 0, it's counter for requests send to pool members but without receiving response yet? Trying to figure out info conveyed by this stats. Piotr