Forum Discussion

tidenz_92110's avatar
Icon for Nimbostratus rankNimbostratus
Dec 07, 2011

Oneconnect with telnet sessions

Hi all,



I am trying to get one connect working with a non http vip. doing a quick search the question was asked back in 2006 but none of the links to the more detailed posts are valid about using irules to force oneconnect reuse



i am trying to LB telnet sessions so that any client connection from a single source address will be forced to re-use the same server-side connection on the basis that the session has dropped client side due coverage.



i have setup a test vip with the default tcp timers and configured the default one connect profile.



so initial testing via my laptop with creating a telnet session then closing the session statefully then opening a new session i always see the f5 open a new connection to the server.



we are running 10.2.0 will the latest hotfixes.



anyone tried something similar?



2 Replies

  • it is same as mine. i am running 10.2.3.



    sol7208 says irule may be required but there is still lack of document i.e. not well explanation, no example.



    Important: When using OneConnect to optimize HTTP traffic, you should apply an HTTP profile to the virtual server. This allows the BIG-IP system to efficiently manage connection re-use without additional configuration. The OneConnect profile may be used with any TCP protocol, but will only function when applied to virtual servers processing simple request/response protocols where transaction boundaries are explicitly obvious, such as those in which each request and each response is contained within a single packet. Applying a OneConnect profile to a non-HTTP virtual server processing more complex transactions, such as FTP or RTSP, may result in traffic disruption and session failure. Even for simple non-HTTP protocols, an iRule may be required to manage connection re-use.




    sol7208: Overview of the OneConnect profile




    the request Colin has submitted has been idle. :-(



    ID240825 - iRules Documentation (ONECONNECT) (Formerly CR 74322)
  • Hamish's avatar
    Icon for Cirrocumulus rankCirrocumulus
    One more thought... Have you considered how you're going to authenticate the second (And subsequent) connections? Otherwise it's a bit of a security hole (The user closes down, thinks they've dropped the connection, along comes someone else, and bang... They have the previous users login :)



    It's a nightmare on terminal servers that don't authenticate with console sessions to servers that don't do sensible things on connection dropping...